Managing  the  flow  of  an  infinite 
stream  of  worthwhile  proj 
akes  finesse.  Here’s  h 
avoid  backlogs  and  ch 


COMPUTERWORLD.COM 
MAY  20,  2013 


Also  insi  Avoid  IT  Audit  Nightmares  38  I  Chinese  Hackers  Lie  in  Wait  8 

COMF1)  ERW  RLD 


The  power  of  25.  Packed  in  the  space  of  one. 

The  powerful  and  affordable  IBM  System  x3650  M4  Express  server. 

To  meet  today’s  growing  demands,  businesses  need  a  highly  capable  server  even  when 
budgets  are  tight.  The  powerful  IBM®  System  x3650  M4  Express®  server,  with  the  latest  Intel® 
Xeon®  processor,  offers  great  value  at  an  affordable  price.  Designed  to  deliver  84%  greater 
performance1  and  handle  as  many  workloads  as  25  prior-generation  IBM  System  x3650 
systems?  x3650  M4  can  help  improve  productivity  and  resource  utilization.  This,  coupled 
with  the  expertise  of  IBM  Business  Partners,  can  help  you  configure  customizable, 
affordable  solutions  to  suit  your  unique  business  needs. 


A  powerful  server  at  an  affordable  price. 


IBM  System  x3650  M4  Express 


« 


$2,199 

OR  S57/MONTH  FOR  36  MONTHS3 
PN:  7915-EBU 

Low  TCP  with  exceptional  performance  per  watt _ 

Pay-as-you-grow  flexible  design  to  lower  cost  and  manage  risk _ 

Excellent  reliability  and  uptime  for  business-critical  applications  and  cloud 


IBM  System  x3550  M4  Express 

OR  $4 6/MONTH  FOR  36  MONTHS3 


IBM  Storwize®  V3700 

$8,799 

OR  S217/MONTH  FOR  36  MONTHS3 
PN:  2072-S2C 

2U  form  factor  capable  of  24  x  2.5"  drives  (up  to  120  drives  with  expansion  units) 
Virtualization  of  internal  storage  and  thin  provisioning  for  improved  storage  utilization 
Intuitive  user  interface  based  on  the  breakthrough  Storwize  family  user  interface 


PN:  7914-EAU 

Performance,  flexibility,  cost  and  density  -  perfectly  balanced 
Excellent  reliability  and  uptime  for  business  applications  and  cloud 
Easy  to  deploy,  integrate,  service  and  manage 

Contact  the  IBM  Concierge  to  help  you 
connect  to  the  right  IBM  Business  Partner. 
1  866-872-3902  (mention  102PF10A) 


Read  the  TBR  report 
and  learn  about  IBM’s  No.1  ranking 
for  performance,  scalability  and 
overall  customer  satisfaction. 

Visit  ibm.com/systems/moreforless 

Or  scan  the  QR  code  with  your  smartphone 
to  learn  more  about  the  x3650  M4  Express. 


r 

(Intel 

- 1 

/ inside 

,  >  1 

Xeon' 

L _ A 

’Source:  Intel'  Performance  comparison  using  SPECfp'_rate.  base2006  benchmark.  Baseline  score  of  266  on  pnor-generabon  2S  Intef* *  Xeon*  processor  X5690-based  (3.46GHz,  6  core,  12MB  L3, 6.4  GT/s  130W) 
platform  published  at  www.spec.org  as  of  6  Sept  2011.  New  score  of  492  on  2S  Intel*  Xeon*  processor  E5-2690  (2.90GHz,  8  core,  20MB  L3, 8.0  GT/s,  135W)  published  at  wwwspec.org  as  of  28  March  2012 
using  two  Intel*  Xeon*  processor  E5-2690,  Turbo  Enabled,  EIST  Enabled,  Hyper-Threading  Enabled,  128GB  memory  (16  x  8GB  DDR3-1600),  Red  Hat-  Enterprise  Linux  Server  6.1  for  x86_64,  Intel*  Compter  121 

•  Results  achieved  by  comparing  recommended  system  to  IBM  System  x3650  (with  Xeon®  E5205)  using  IBM  Systems  ConsoWation  Evaluation  Tool  (httpsV/roianalysUiineaacom/stgi/).  The  comparison  is  between 
IBM  System  x3650  M4  and  x3650  (does  not  include  x3650  M2  or  x3650  M3). 

^Global  Fnanang  offerings  are  prowled  through  IBM  Credit  LLC  in  the  United  States  and  other  IBM  subsicianes  and  dNtsions  worldwide  to  qualified  commercial  and  gcvemment  customers.  Monthly  lease  payments 
prowded  are  for  piamng  purposes  only  and  may  vary  based  on  yotr  credit  and  other  factors.  Lease  cffer  provided  is  based  on  an  FMV  lease  of  36  monthly  payments.  Other  restrictions  may  apply.  Rales  and  offemgs 
are  subject  to  change,  extension  or  withdrawal  without  notice  and  may  not  be  available  in  all  countries. 

IBM  hardware  products  are  manufactured  from  new  parts  or  new  and  serviceable  used  parts.  Regardless,  our  warranty  terms  apply.  For  a  copy  of  applicable  product  warranties,  visit 
httoV/wwwtom.corrVser\«rs/support/rnachine_ warranties.  IBM  makes  no  representation  or  warranty  regardtog  third-party  products  or  services.  IBM,  the  IBM  logo,  Storwize,  System  x  and  Express  ae  registered 
trademarks  of  International  Business  Machnes  Corporation,  registered  in  many  jurisdictions  worldwide.  Other  product  and  service  names  might  be  trademarks  of  IBM  or  other  companies.  For  a  current  1st  of  IBM 
trademarks,  see  wwwixncomlegaLccipytrade^htrnL  Intel,  the  Intel  logo,  Xeon  and  Xeon  Inside  are  trademarks  or  registered  trademarks  of  Intel  Corporation  in  the  US.  and/or  other  countries.  Al  prices  and  savngs 
estimates  are  subject  to  change  without  notice,  may  vary  accorting  to  configuration,  are  based  upon  IBM  Is  estimated  retail  seing  prices  as  of  4/30/2013  and  may  not  include  storage,  hard  drKe,  operating  system 
or  other  features.  Reseller  prices  and  savings  to  end  users  may  vary.  Products  are  subject  to  avaitoity.  This  docunent  was  developed  for  offerings  in  the  Urvted  States.  IBM  may  not  offer  the  products,  teatues  or 
services  discussed  n  this  document  in  other  countries.  Contact  your  IBM  representative  or  IBM  Business  Partner  for  the  most  current  pricing  in  your  geographic  area  ©2013  IBM  Corporation. 


THIS  ISSUE  |  05.20.2013  [  VOL.  47,  NO.  9  $5/C0PY  ] 


COVER  STORY 

Project  Greenlight 

16  It  takes  finesse  to  manage  a  seemingly  infinite  stream  of  worthwhile  projects  as  they  flow  through 
an  IT  department  with  finite  resources.  Here’s  how  to  avoid  backlogs  and  chaos. 


Bring  Your 

Build,  Dismantle, 

Own  Cloud 

Repeat 

26  As  personal  and  professional  clouds 

32  You  can  learn  a  lot  about  running  a 

converge,  IT’s  mission  to  improve 

successful  IT  shop  from  CIOs  who  manage 

productivity  while  protecting  corporate  apps 

short-lived  but  intense  IT  operations  for 

and  data  is  getting  tougher. 

disaster  relief  efforts  and  the  like. 

COMPUTERWORLD 

P.O.  Box  9171 
492  Old  Connecticut  Path 
Framingham.  MA  01701-9171 
(508)  879-0700 

Computerworld.com 

»  EDITORIAL 

Editor  in  Chief 

Scot  Finnie 

Executive  Editor 

Julia  King  (events) 

Managing  Editors 

Johanna  Ambrosio  (technologies), 
Ellen  Fanning  (features), 

Sharon  Machlis  (online), 

Ken  Mingis  (news). 

Bob  Rawson  (production) 

Assistant  Managing  Editor 

Valerie  Potter  (features) 

Director  of  Blogs 

Joyce  Carpenter 

Art  Director 

April  Montgomery 

Senior  Reviews  Editor 

Barbara  Krasnoff 

Features  Editor 

Tracy  Mayor 

News  Editors 

Mike  Bucken,  Marian  Prokop 

National  Correspondents 

Julia  King,  Robert  L.  Mitchell 

Reporters 

Sharon  Gaudin.  Matt  Hamblen, 
Gregg  Keizer,  Lucas  Mearian, 

Patrick  Thibodeau, 

Jaikumar  Vijayan 

Copy  Editor 

Carla  Dempsey 

Editorial  Project  Manager 

Mari  Keefe 

Associate  Online  Editor 

Rebecca  Linke 

Office  Manager 

Linda  Gorgone 

Contributing  Editors 

Jamie  Eckle,  Preston  Gralla, 

JR  Raphael 

»  CONTACTS 

Phone  numbers,  email  addresses 
and  reporters'  beats  are  available 
online  at  Computerworld.com 
(see  Contacts  link  at  the  bottom 
of  the  home  page). 

Letters  to  the  Editor 

Send  to  letters@computerworld. 
com.  Include  an  address  and  phone 
number  for  immediate  verification. 
Letters  will  be  edited  for  brevity 
and  clarity. 

News  tips 

newstips@computerworld.com 

Subscriptions  and  back  issues 

(888)  559-7327.  cw@omed  com 

Reprints/permissions 

The  YGS  Group.  (800)  290-5460. 
ext.  100,  computerworld® 
theygsgroup.com 


HEADS  UP  |  2  A  Black- 
Berry  shop  bucks  the  BYOD 
trend.  I  Half  of  all  companies 
are  expected  to  go  completely 
BYOD.  |  4  Shrinking 
chips  challenge  Moore’s 
Law.  I  Microsoft’s  Nook  bet 
has  yet  to  pay  off. 

NEWS  ANALYSIS 
6  Out-of-work  IT  vets  say 


employers  give  them  the 
cold  shoulder.  I  8  Chinese 
hackers  stay  hidden  as  they 
quietly  steal  data. 

OPINIONS  |  14  Steven 
J.  Vaughan-Nichols 

wants  everyone  to  stop 
freaking  out  about  Google 
Glass.  |  38  Bart  Perkins 
has  advice  on  avoiding  IT 


audit  nightmares.  I  44  Paul 
Glen  shares  the  secret  to 
keeping  processes  vital. 

DEPARTMENTS 

10  The  Grill:  NFL  CIO  Michelle 
McKenna-Doyle  I  36  Security 
Manager’s  Journal: 

Moving  to  better  access 
control  |  40  Career  Watch  ! 
43  Shark  Tank 


FOR  BREAKING  NEWS,  VISIT  COMPUTERWORLD.COM  1 1 1 1  i  1 1 1 1  i  II  It  i  f 


MM 


GETTY  IMAGES 


Fresh 

Insights 

New 

Trends 

Great 

Ideas 


SMARTPHONES  AT  WORK 


BlackBerry  Customer  Forgoes  BYOD 


BUCKING  THE  BYOD  TREND,  Canadian 
Tire  is  issuing  BlackBerry  Qio  and 
Zio  smartphones  to  its  corporate 
employees. 

An  overwhelming  majority  of  the  Toronto- 
based  company’s  3,000  corporate  users 
requested  the  Qio,  which  features  a  physical 
qwerty  keyboard,  as  a  replacement  for  older 
Bold  or  Curve  devices,  said  CTO  Eugene 
Roman.  But  some  said  they  preferred  the  Zio, 
which  has  a  touchscreen  keyboard.  Canadian 
Tire  made  BlackBerry  Zios  available  to  em¬ 
ployees  several  weeks  ago  and  began  issuing 
Qios  early  this  month. 

The  company  isn’t  convinced  that  a  bring- 
your-own-device  model  is  secure.  “An  email 
can  send  a  virus  into  your  core  infrastructure,” 
Roman  said.  “Right  now,  we  think  BYOD  is 
interesting  but  not  ready  for  the  mainstream.” 


So  far,  the  biggest  selling  point  of  the  new 
Zio  and  Qio  smartphones  is  their  long  battery 
life,  said  Roman,  noting  that  the  BlackBerry 
devices  last  10  to  12  hours  on  a  single  charge. 

Canadian  Tire  uses  BlackBerry  Balance,  a 
feature  of  the  BlackBerry  Enterprise  Service 
10  mobile  device  management  system,  to  keep 
the  work  and  personal  data  of  Qio  and  Zio 
users  in  separate  areas  on  the  BlackBerry  10 
operating  system.  If  necessary,  IT  can  wipe  the 

work  data  from  a  lost  or  stolen  _ 

device  and  leave  the  personal 
data  intact. 

Canadian  Tire  offers  its  cus¬ 
tomers  a  BlackBerry  mobile  app  that  lets  users 
browse  the  company’s  products  online,  find 
stores  and  check  product  availability.  The  app 
received  20  million  mobile  visits  last  year. 

-  Matt  Hamblen 


COMPUTERWORLD.COM 


CONSUMERIZATION  OF  IT 

Half  of  World’s 
Companies  to 
Embrace  BYOD 

About  half  of  the  world’s  companies 
will  adopt  bring-your-own-device 
programs  by  2017  and  will  stop 
providing  computing  devices  to 
employees,  a  new  Gartner  report 
predicts. 

Ultimately,  only  15%  of  companies 
will  never  move  to  a  BYOD  model, 
while  about  40%  will  offer  a  choice 
between  BYOD  and  employer-provid¬ 
ed  devices,  according  to  the  report, 
by  Gartner  analyst  David  Willis. 

While  mobile  computing  improves 
productivity,  the  average  cost  of 
company-provided  devices  is  high: 
more  than  $600  per  employee  per 
year.  The  ability  to  cut  those  costs 
combined  with  opportunities  to  in¬ 
crease  employee  satisfaction,  among 
other  things,  has  helped  drive  the 
BYOD  movement,  Willis  wrote. 

Most  of  the  IT  executives  sur¬ 
veyed  by  Gartner  think  well  of 
BYOD,  but  only  22%  said  that  they 
“believe  they  have  made  a  strong 
business  case"  for  mobile  projects, 
according  to  the  report. 

One  challenge  of  BYOD  is  figur¬ 
ing  out  the  best  way  to  reimburse 
employees  for  their  out-of-pocket 
expenses,  according  to  the  report. 

Other  considerations  include 

security  concerns, 
the  cost  of  man¬ 
agement  tools,  the 
need  for  applica¬ 
tion  licenses  and  “more  potential 
problems  for  an  overtaxed  help 
desk.”  Willis  wrote. 

-  CHRIS  KANARACUS. 

idg  News  service 


2  COMPUTERWORLD  MAY  20.  2013 


The  ideal  database  system 
would  be  capable  of 
real-time  analysis  of 
really  big  data.  A 


Structured  and 
unstructured. 


Download  or  request  a  free,  fully  functional,  non-expiring  trial  version  at  InterSystems.com/Ideal5A 


InterSystems  f 

CACHE 


©  2013  InterSystems  Corporation,  Cambridge,  MA.  All  rights  reserved.  InterSystems  Cache  is  a  registered  trademark  of  InterSystems  Corporation.  5-20  13  CacheIdeal5CoWo 


HEADS  UP 


Micro 

Burst 


BETWEEN  THE  LINES 

By  John  Klossner 


ReM£MPed-TH6 
INTERNeT  CAN'T  Vote. 


www.jkXossner.com 

*l©5Wf- 


OtvW  S^WTftX. 


PROCESSORS 

Shrinking  Chips  Challenge  Moore’s  Law 


NTEL  WILL  continue  to  fulfill  Moore’s 
Law  for  the  foreseeable  future,  but 
keeping  up  with  it  is  becoming  more  of  a 
challenge  as  chips  get  smaller,  according 
to  a  company  executive. 

Moore’s  Law  states  that  the  number  of  tran¬ 
sistors  that  can  be  placed  on  silicon  doubles 
every  two  years,  making  it  possible  to  continu¬ 
ally  improve  chip  performance  and  add  new 
functionality.  Using  Moore’s  Law  as  a  baseline, 
Intel  for  decades  has  added  transistors  while 
reducing  the  size  and  cost  of  its  chips. 

“I’m  not  here  to  tell  you  that  I  know  what’s 
going  to  happen  10  years  from  now.  This  is 
much  too  complicated,”  said  William  Holt, 
an  Intel  executive  vice  president  and  general 
manager  of  the  company’s  Technology  Manu¬ 
facturing  Group,  in  a  recent  speech.  But, 
at  least  for  the  next  few  generations  of  chip 
manufacturing  processes,  “we  are  confident 
we  don’t  see  the  end  coming,”  he  added. 

Moore’s  Law  is  based  on  an  observation  in  a 
1965  paper  by  Gordon  Moore,  who  co-founded 

4  COMPUTERWORLD  MAY  20,  2013 


Intel  in  1968.  It  has  held  true  for  years,  but 
Holt  said  that  manufacturing  smaller  chips 
with  more  features  is  difficult.  “There  are  just 
more  steps,  and  each  one  of  those  steps  needs 
additional  effort  to  optimize,”  he  said. 

To  keep  up  with  Moore’s  Law,  Intel  has 
turned  to  new  tools  and  innovations.  For 
example,  the  company  started  using  strained 
silicon  with  the  90-nanometer  and  6511m 
manufacturing  processes,  and  then  introduced 
gate-oxide  material  —  also  called  high-k  metal 
gate  —  to  the  45nm  and  32nm  processes. 

Further  reducing  chip  sizes  will  require 
new  ideas,  and  many  new  ideas  are  being  put 
to  the  test  in  university  research  funded  by 
chip  makers  and  semiconductor  industry  as¬ 
sociations,  Holt  said. 

Some  of  the  ideas  revolve  around  the  fea¬ 
sibility  of  replacing  silicon  with  new  materi¬ 
als.  For  example,  he  said,  “using  germanium 
instead  of  silicon  is  certainly  a  possibility  that 
is  being  researched.” 

-  Agam  Shah,  IDG  News  Service 


Oudated  technology  and 
HIPAA  compliance  are 
costing  U.S.  hospitals 

8.3  billion 

in  lost  revenue  and 
productivity. 


MICROSOFT 

$300M  Nook 
Investment 
Delivers  Little 

Microsoft  has  gotten  next  to  nothing 
from  its  $300  million  investment  in 
Barnes  &  Noble,  analysts  said,  but 
it  may  reap  some  rewards  as  it  pre¬ 
pares  to  ship  smaller  tablets. 

In  April  2012,  Microsoft  and  the 
bookseller  announced  a  new,  co¬ 
owned  subsidiary  that  included 
Barnes  &  Noble’s  Nook  business. 
That  bought  Microsoft  a  17.6% 
stake  in  the  company.  Other  parts 
of  the  deal  settled  patent  disputes 
between  the  two,  promised  Nook 
royalties  to  Microsoft  and  yielded  a 
Nook  app  for  Microsoft’s  “Modern’’ 
tiled  user  interface. 

A  year  later,  Microsoft  has  “gotten 
nothing  up  to  now,"  said  Carolina 
Milanesi,  a  Gartner  analyst. 

But  observers  say  the  deal  could 
still  pay  off  in  the  form  of  a  new 
generation  of  smaller,  less  expen¬ 
sive  Windows  tablets  that  would 
be  better  suited  to  e-reading  than 
current  larger  models  are.  A  7-in.  or 
8-in.  tablet  “is  a  great  form  factor” 
for  e-reading,  Milanesi  said. 

Other  analysts  agreed  that  the 
Nook  Media  collaboration  could  pay 
dividends  if  Microsoft  or  one  of  its 
partners  introduces  such  a  device. 

“This  was  more  an  investment  in 
an  organization,”  said  IDC  analyst 
Bob  O’Donnell.  “How  that  continues 
to  play  out  we’ll  just,  have  to  see." 

-  GREGG  KEIZER 


THERE'S  A  REASON 
NO  ONE  SAYS  EASY 
LIKE  MONDAY  MORNING. 

In  the  business  world,  Mondays  aren't  easy.  But  it  doesn't  have  to  be  that  way.  With  CenturyLink  as 
your  trusted  technology  partner,  you're  free  to  focus  on  the  things  that  matter  most.  As  a  leader  in 
hosted  IT  solutions,  our  visionary  cloud  infrastructure  gives  you  a  secure  and  reliable  environment  to  run 
all  your  applications.  Our  global  broadband  network  supports  both  MPLS  and  Ethernet,  ensuring  your 
business  is  scalable  and  agile.  And  our  dedicated,  responsive  support  is  designed  to  make  your  life  easier 
every  day  of  the  week. 


centurylink.com/link 


Data  •  Voice  •  Cloud  •  Managed  Services 


CenturyLink* 


Business 


Your  link  to  what's  next’ 


tea ' 


. .  A  m 


NEWS  ANALYSIS 


Unemployed  database 
designer  Bea  Dewing  checks 
her  phone  for  messages  as  she 
passes  time  in  a  New  York  cafe 
in  March. 


IT  Vets  Say  Job  Offers 
Go  to  Cheaper  Labor 

Tech  pros  with  15-plus  years  of  experience  say  they’re 
getting  bypassed  in  the  job  market  as  employers  hire 
foreigners  and  young  people.  By  Grant  Gross 


TECH  COMPANIES  have  long  called  on  Congress  to  ease 
restrictions  on  high-skill  immigration,  arguing  that 
qualified  tech  workers  are  in  short  supply  in  the  U.S. 
But  veteran  IT  professionals  who  say  they  can’t  find 
jobs  question  that  analysis  of  the  labor  market. 

More  than  a  dozen  longtime  IT  workers,  contacted  through 
the  Programmers  Guild  and  high-skill  immigration  critic  Norm 
Matloff,  computer  science  professor  at  the  University  of  Califor¬ 
nia,  Davis,  said  a  glut  of  low-paid  H-iB  visa 
holders  and  recent  graduates  is  keeping 
them  unemployed  or  underemployed. 

A  recent  study  from  left-leaning  think 
tank  Economic  Policy  Institute  seems  to 
back  up  such  claims,  finding  that  even 
though  “there  is  a  robust  supply  of  domestic 
workers  available  for  the  IT  industry,”  guest 
workers  “make  up  a  large  and  increasing 
portion  of  the  IT  labor  market.” 

The  Information  Technology  Industry 
Council,  a  tech  trade  group,  called  the  EPI 
study  “replete  with  faulty  data,  exaggerated 


claims,  and  plain  wrong  facts.”  It  relies 
on  data  compiled  in  2009,  when  the  U.S. 
was  still  recovering  from  a  recession,  said 
Robert  Hoffman,  the  ITI’s  senior  vice 
president  for  government  relations,  in  a 
blog  post. 

Unemployed  IT  workers  say  otherwise. 
For  instance,  50-year-old  Robert  Wade, 
a  27-year  IT  veteran  with  a  bachelor’s 
degree  in  electrical  engineering  and  a 
master’s  in  industrial  engineering,  has 
worked  for  only  10  of  the  last  40  months. 

The  Indianapolis  resident  has  sought 
tech  jobs  in  Texas,  Florida,  Tennessee  and 
other  states.  “I’ve  even  offered  to  pay  for 
the  move,  and  still  nothing,”  he  said. 

In  addition  to  facing  competition  from 
lower-paid  workers,  job-seeking  IT  veter¬ 
ans  say  they  must  deal  with  employers  that 
set  specific  job  requirements  that  seem  to 
be  designed  to  weed  out  older  workers. 

John  Donaldson,  a  software  developer 
who’s  been  out  of  work  since  October, 
said  he  is  getting  no  job  offers  even  though  he  has 
kept  up  with  Hadoop  and  other  hot  technologies 
and  has  experience  in  SQL,  Java  and  data  model¬ 
ing  and  more.  Many  companies  are  “overly  picky,” 
passing  over  veteran  workers  whose  skills  are 
similar  to  but  not  exactly  the  same  as  those  posted, 
said  Donaldson,  51,  of  Oakland,  Calif. 

Bea  Dewing,  61,  has  strong  experience  in  data 
modeling,  a  skill  that’s  said  to  be  hot,  but  she’s  been 
unemployed  since  December.  She  has  worked  in  the 
tech  industry  since  1986,  as  a  programmer,  a  systems 
analyst,  a  database  designer  and  a  project  manager. 

Dewing  said  she  moved  to  New  York  City  to 
work  on  a  project  but  was  laid  off  and  replaced  by  a 
foreign  worker. 

Greg  Steshenko,  who  immigrated  to  the  U.S.  in  1987  from  what 
was  then  the  Soviet  Union,  hasn’t  worked  steadily  since  2002.  The 
51-year-old  Silicon  Valley  resident  has  a  master’s  degree  in  electri¬ 
cal  engineering  and  bachelor’s  degrees  in  electrical  engineering, 
biochemistry  and  molecular  biology.  He  has  held  engineering  jobs 
in  nanotechnology,  software  and  hardware  design. 

“Since  2002, 1  had  just  very  brief  periods  of  temporary  employ¬ 
ment  as  an  engineer-consultant,  hotel  clerk  and  a  Home  Depot 

associate,”  he  said.  “I’m  overeducated 
and  overexperienced.” 

Steshenko  said  it’s  difficult  to  try 
to  guess  what  skills  companies  will 
want,  because  technology  is  con¬ 
stantly  changing. 

“You  cannot  get  that  experience 
unless  you  are  hired.  And  you  cannot 
get  hired  unless  you  have  that  experi¬ 
ence,”  he  said.  “It  is  the  chicken-and- 
the-egg  situation.”  ♦ 

Gross  is  a  reporter  for  the  IPG 
News  Service 


Since  20(  1 1  had 
w  w  just  brief  periods  of 

temporary  employment  as  an 
engineer-consultant,  hotel  clerk 
and  a  Home  Depot  associate.” 

'  unemployed 

E 


6  COMPUTERWORLD  MAY  20,  2013 


RE UTCRS/CARLO  ALLEGRI 


% 


Get  a  room  full 
of  performance 
without  a  room 
full  of  servers. 

Dense  is  smart.  HP  ProLiant  BL660c  Gen8  servers 
and  HP  ProLiant  DL560  Gen8  servers  accelerate 
performance  with  30%  more  compute*  while 
shrinking  space,  cost,  and  power  demands  to 
deliver  ROI  in  only  3  short  months*. 

The  power  of  HP  Converged  Infrastructure  is  here. 

Register  for  the  IDG  tech  dossier  Density  Makes  the  Difference  at 
hp.com/servers/ProLiantMP5  or  scan  the  QR  code  below. 


HP  BladeSystem  with  HP  ProLiant  BL660c  Gen8  servers 
and  HP  ProLiant  DL560  Gen8  servers  powered  by  the 
Intel®  Xeon®  processor  E5-4600  series 


♦For  details  on  claim  substantiations,  visit  hp.com/servers/ProLiantMP5 

©  Copyright  2013  Hewlett-Packard  Development  Company,  L.P.  The  information  contained  herein  is  subject  to  change  without  notice.  The  only  warranties  for  HP  products  and  serv.ces  are  set  lo.  .a  n  > 
express  warranty  statements  accompanying  such  products  and  services.  Nothing  herein  should  be  construed  as  constituting  an  additional  warranty.  HP  shall  not  be  liable  for  technical  or  editorial  •-•nor-., 
or  omissions  contained  herein. 

Intel,  the  Intel  logo,  Xeon,  and  Xeon  Inside  are  trademarks  or  registered  trademarks  of  Intel  Corporation  in  the  U.S.  and/or  other  countries. 


NEWS  ANALYSIS 


Chinese  Hackers 
Master  the  Art 
Of  Lying  Low 

State-sponsored  cybercriminals  use  simple 
weapons  to  infiltrate  U.S.  networks,  and 
then  quietly  steal  data  while  remaining 
undetected.  By  Jaikumar  Vijayan 


CHINA’S  REMARKABLE  SUCCESS  at  infiltrating  U.S. 

government,  military  and  corporate  networks  in  recent 
years  shouldn’t  be  seen  as  a  sign  that  the  country  is 
gaining  on  the  U.S.  lead  in  cybertechnology  expertise. 
State-sponsored  hacking  groups  in  China  are  no 
more  —  or  less  —  sophisticated  than  criminal  and  politically  mo¬ 
tivated  cybercrime  gangs  elsewhere.  The  difference,  experts  say, 
is  how  the  Chinese  hackers  target  victims,  their  persistence  and 
their  ability  to  lie  low  and  secretly  maintain  access  to  breached 


networks  for  long  periods  of  time. 

The  U.S.  Department  of  Defense 
earlier  this  month,  in  a  departure  from  its 
usually  thinly  veiled  innuendos,  openly 
accused  state-sponsored  hacking  groups 
in  China  of  launching  cyberattacks  aimed 
at  extracting  information  from  the  U.S. 
government,  military  and  businesses. 

Outside  of  the  Pentagon,  such  allega¬ 
tions  aren’t  new.  Security  experts  and 
major  corporations  like  Google  and  Mi¬ 
crosoft  have  long  maintained  that  hackers 
in  China  use  cyberattacks  to  steal  mili¬ 
tary,  government  and  corporate  secrets. 

The  Chinese  government  has  denied 
that  it  coordinates  hacking  campaigns. 

However,  said  Anup  Ghosh,  CEO  and 
founder  of  security  firm  Invincea,  “the 
acknowledgement  by  the  Pentagon  is  a 
first  step  in  publicly  declaring  the  threat.” 

Though  the  tone  of  the  govern¬ 
ment’s  report  on  Chinese  cybercrime  is 
ominous,  the  reality  of  cyber  expertise  in  the  country  is  more 
mundane,  say  security  experts. 

“It’s  not  that  the  Chinese  have  some  unbeatable  way  of  break¬ 
ing  into  a  network,”  said  John  Pescatore,  director  of  emerging 
security  trends  at  the  SANS  Institute.  “What  is  innovative  is  their 
targeting.” 

Pescatore  said  U.S.  contractors  and  defense  and  high-tech 
companies  that  could  be  targets  of  Chinese  espionage  efforts 
should  be  less  concerned  about  the  origin  of  the  attacks  than 
about  the  need  to  shut  down  basic  vulnerabilities  and  fix  configu¬ 
ration  errors  in  their  corporate  networks. 

While  China  likely  does  have  an  arsenal  of  attack  techniques 
and  zero-day  assault  tools,  it  usually  “uses  the  lowest  level  of  tools 
and  the  easiest  means  to  get  in”  to  networks,  said  Dan  McWhort¬ 
er,  managing  director  of  threat  intelligence  at  security  firm  Man- 
diant.  If  the  Chinese  hackers  do  come  up  against  a  sophisticated 
company,  “they  will  up  their  game,”  he  added. 

Many  of  the  hackers  operating  out  of  China  have  become 
adept  at  stealing  legitimate  corporate  network  credentials  and 
then  using  them  to  log  in  as  an  employee,  McWhorter  said. 

After  they  strike,  the  attackers  are  quick  to  erase  all  signs  of  a 
break-in,  making  it  difficult  for  a  company  to  even  know  that  it 
was  compromised.  Therefore,  the  hackers  are  able  to  extract  a  lot 
of  data  without  attracting  suspicion,  McWhorter  said. 

If  a  company  does  discover  such  a  breach,  IT  managers  must 
exercise  great  care  not  to  tip  off  the  hackers,  he  said. 

Unlike  the  exploits  of  many  European  cybergangs,  most  of 
the  malicious  hacking  activity  originating  in  China  focuses  on 
industrial  espionage  and  theft  of  trade  secrets.  McWhorter  said 

Chinese  hackers  gener¬ 
ally  don’t  bother  taking 
financial  data  and  other 
personal  information 
from  individuals.  ♦ 
Jeremy  Kirk  of  the  IDG 
News  Service  contributed 
to  this  story. 


It’s  not  that  the  Chinese  have  some  unbeatable  way  of  breaking 
|  ^P'  into  a  network.  What  is  innovative  is  their  targeting.” 

-tOr  i  f  OR  £  DIRECTOR  OF  EMERGING  SEi 

.  •  «l  -  1 


8  COMPUTERWORLD  MAY  20.  2013 


REUTERS/KIM  KVUNC  HOON 


RICOH 


The 

Weather 


he  tools 
comple- 
d,  robus 
velopmi 
iterprisf 
Drporate 
nd  publi 
fned  and 


Blac 

they 

busi 

app 

envii 

Serv 

app: 


Michelle 

McKenna- 

Doyle 


This  CIO  is  bringing 
analytics  to  the 
gridiron  to  improve 
player  safety. 


What’s  your  favorite  sport 
(after  football)? 

Golf  to  play;  NASCAR  to  watch. 

Android,  iPhone  or 
BlackBerry?  iPhone 

What’s  your  favorite  vice? 

Red  wine.  I’m  heading  out  soon 
for  a  trip  to  the  wine  country. 

What’s  your  favorite 
nonwork  pastime?  Reading. 

What  do  you  consider  to  be 
the  best  book  ever?  To  Kill 
a  Mockingbird.  I  love 
classic  historical  fiction. 


HOW  DO  YOU  KEEP  Wi-Fi  up  and  running  for  80,000  fans  at  the  Super  Bowl? 

That’s  just  one  of  the  challenges  Michelle  McKenna-Doyle  faced  this  year  as 
CIO  for  the  National  Football  League.  These  days,  analytics  is  driving  innova¬ 
tion  at  the  NFL,  and  McKenna-Doyle,  47,  is  leading  the  charge  —  whether  the 
job  is  collecting  statistics  with  sensors  that  track  players  on  the  field  or  moni¬ 
toring  player  safety  through  lab  analysis  of  helmets  that  took  a  pounding  during  games. 


Is  there  something  not  many 
people  know  about  you?  I  love 
to  drive  really  fast  cars  and  once 
dreamed  of  being  a  racecar  driver. 


What  IT-driven  innovations  are  you  focused  on  right  now?  The  technology  coming 
along  is  creating  a  way  to,  perhaps,  innovate  in  how  the  game  itself  is  played.  And 
certainly  in  player  health  and  safety  —  how  we  can  track  what  is  happening  and  the 
overall  wellness  of  players  is  one  of  our  primary  focuses. 

This  year,  we  tested  instrumentation  on  players  in  games.  We  gathered  the  data  and 
were  looking  at  how  to  use  that.  We’ve  also  tested  helmet  impact  analysis  in  the  lab. 


10  COMPUTERWORLD  MAY  20.  2013 


I 


Efficiency 


This  worldwide  event 
is  coming  to  a  city  near 
you  in  June  2013! 


Because  you  asked  for  the  big  picture. 

Introducing  DCIM  with  visibility  from  building  to  server: 
StruxureWare  for  Data  Centers  software  suite. 


The  total  view  you  need 

Seeing  across  your  data  center’s  physical  infrastructure  from  the  building  level 
down  to  the  server  level  (and  vice  versa)  is  imperative  to  balance  availability 
and  efficiency.  Today,  you  need  to  adapt  quickly  to  business  requirements 
without  risking  availability  or  system  efficiency.  Not  only  does  an  end-to-end 
view  protect  system  availability,  it  can  enable  concrete  energy  and  operational 
efficiency  gains  as  well. 


Maximize  Optimize 

efficiency  availability 


Improve  energy  efficiency 
by  seeing  data  center 
energy  waste  and,  in  turn, 
eliminating  it. 


Achieve  higher  availability 
with  full  visibility  across 
your  data  center 
physical  infrastructure. 


StruxureWare 


End-to-end  visibility  of  your  data  center: 
>  Visualize  change/capacity  scenarios 


Achieving  the  right  balance 

Schneider  Electric  StruxureWare™  for  Data  Centers  software  provides  this 
total  visibility  by  bridging  facilities  and  IT.  In  fact,  our  advanced  data  center 
infrastructure  management  (DCIM)  software  graphically  shows  your  IT 
equipment  within  the  data  center  physical  infrastructure  layer  —  from  rack  to 
row  to  room  to  building  —  so  you  can  monitor  and  protect  system  uptime, 
as  well  as  simulate  and  analyze  the  effect  of  moves,  adds,  and  changes  in 
relation  to  resource  capacity  and  energy  use.  The  result?  Facilities  and  IT 
easily  can  collaborate  to  ensure  that  the  data  center  can  adjust  at  any  time  to 
business  requirements  while  always  balancing  availability  and  energy  efficiency. 


>  View  your  current  and  historic  PUE/DCiE 

>  Maintain  highest  availability  at  all  times 

>  See  and  manage  your  energy  use 

>  Manage  space  and  cages  in  multi-tenant  facilities 

>  Enhance  life  cycle  services  from  planning 
to  maintenance 


by  Schneider  Electric 


APC”  by  Schneider  Electric  products, 
solutions,  and  services  are  an  integral  part 
of  the  Schneider  Electric  iT  portfolio. 


Business-wise,  Future-driven.™ 


Download  our  FREE  DCIM  white  paper  and  enter  to 

win  a  Google  Nexus  10  tablet! 

Visit  www.SEreply.com  Key  Code  a196u  Call  888-289-2722  x6540 


Schneider 

^Electric 


©2013  Schneider  Electric.  All  Rights  Reserved.  Schneider  Electric,  APC,  StruxureWare,  and  Business-wise,  Future-driven  are  trademarks  owned  by  Schneider  Electric 
Industries  SAS  or  its  affiliated  companies.  All  other  trademarks  are  the  property  of  their  respective  owners,  www.schneider-electric.com  •  998-1 187090_GMA-l!S_Nexus 


THE  GRILL  I  MICHELLE  McKENNA-DOYLE 


l speak  the  language  of  the 
business  first  and  the  language 
of  technology  second.  I  am  a 
translator. 


Our  chief  medical  officer  is  bringing  forth  all  sorts  of 
new  ideas  of  things  that  they  want  us  to  test. 

Were  also  testing  next-generation  statistics,  which 
uses  instrumentation  to  track  players’  movements  on  the 
field  and  collect  stats.  All  of  that  is  under  way,  and  you’ll 
see  more  of  that  in  the  next  year  or  so. 

Do  you  plan  to  capture  every  movement  of  every  play  on 
the  field  with  instrumentation?  In  tests  you  can  watch 
the  trail  of  a  player  and  you  can  overlay  that  with  the 
play  called.  You  can  see  the  route  they  were  supposed 
to  run  and  what  they  actually  ran.  Coaches  love  the 
thought  of  being  able  to  take  that  and  have  one-on-one 
coaching  with  the  players. 

In  your  career,  you  have  held  executive  roles  outside 
of  IT.  How  has  that  helped  you  in  your  role  as  CIO?  At 

Disney,  I  started  in  finance  and  worked  through  all  of 
the  different  divisions.  That  gives  me  an  advantage  in 
terms  of  being  a  successful  CIO.  I  speak  the  language  of 
the  business  first  and  the  language  of  technology  second. 
I  am  a  translator. 

Do  you  see  most  CIOs  today  coming  from  other  parts  of 
the  business,  as  you  did,  or  coming  up  through  the  IT 

ranks?  Unfortunately,  it’s  people  coming  from  other  parts 
of  the  business.  That’s  disheartening  to  the  smart  people 
I  have  working  for  me  in  technology.  They  need  visibility. 
My  team  did  a  leadership  assessment,  and  several  people 


put  in  their  plan  that  they  wanted  to  be  CIO  but  none  of 
them  knew  how  they  were  going  to  get  there. 

Will  you  rotate  aspiring  CIOs  into  other  areas  of  the 
business  to  give  them  that  visibility?  Yes.  In  fact,  the 
NFL  just  started  a  rotational  program.  But  if  your  bench 
isn’t  deep  enough,  you  can’t  afford  to  let  a  technical  skill 
move,  and  it’s  hard  to  get  that  deep  bench  because  IT 
budgets  are  constrained.  It  takes  courage  to  say,  ‘If  I’m 
going  to  have  a  successor,  you  need  to  bring  someone  in 
so  I  can  let  this  person  rotate.’ 


How  else  is  IT  driving  innovation  and  adding  to  the 
bottom  line?  Analytics  is  where  you  drive  top-line  revenue. 
IT  professionals  have  the  ability  to  see  a  cross-section  of 
the  whole  organization.  You  [could]  have  this  division  of 
the  company  pursuing  this  goal  and  that  division  pursuing 
that  one,  and  they’re  not  necessarily  aligned.  Because  we’re 
building  both  of  those  solutions,  we  can  raise  the  issue  and 
talk  about  where  we’re  going  to  put  all  of  our  investment. 


But  does  IT  have  time  to  look  for  those  opportunities?  It 

takes  a  willingness  to  do  it  and  a  leader  who  will  give  you 
the  time  to  do  it.  If  your  day  is  spent  analyzing  equipment 
performance  and  you  don’t  have  a  chance  to  do  that  kind 
of  analysis,  then  how  do  you  ever  get  there? 

What  I  am  trying  to  form  at  the  NFL,  as  I  did  at  Constel¬ 
lation  Energy,  is  an  IT-focused  analytics  job.  Marketing  has 
research,  but  IT  holds  the  keys  to  all  of  that  data.  Not  only 
do  you  have  to  train  yourself  on  how  to  build  good  databases 
and  how  to  build  a  data  warehouse  but  also  to  understand 
the  data  well  enough  to  know  which  things  it  makes  sense 
to  link  together  for  the  insight  it  gives  you  —  that  is  some¬ 
thing  that  an  IT  person  can  see  and  help  prioritize. 

What  other  analytics-focused  projects  are  you  driving? 

We’re  looking  at  player  performance.  [For  example,  when 
teams  get  ready  for  the  draft]  there’s  all  types  of  data  to 
look  at  around  statistics  and  players  and  doing  predictive 
analysis  in  terms  of  this  person  looks  like  this  person  and  if 
I  lose  this  person  in  the  draft  who’s  my  next  guy  that’s  most 
like  him.  We  pull  that  data  together,  keep  it  up  to  date  and 
publish  in  real  time.  Scouts  are  just  starting  to  use  it. 


How  do  you  deal  with  connectivity  and  mobile  in  the  stadi¬ 
ums?  It’s  a  big  challenge  for  Wi-Fi.  When  you  have  80,000 
people  all  going  at  the  same  time  it  puts  a  challenge  on  con¬ 
nectivity.  We’re  leading  the  charge  on  that  and  helping  the 
stadiums  figure  out  how  they  can  keep  fans  connected. 


If  you're  at  the  Super  Bowl,  why  would  you  be  watch¬ 
ing  your  phone?  It’s  a  generational  thing.  My  15-year-old 
daughter  sat  next  to  me  at  the  Super  Bowl  and  she  was  on 
her  phone  the  whole  time.  She  loves  football;  she  was  very 
excited  about  it.  But  she  was  just  as  engaged  with  talking 
to  her  friends  online  about  what  she  was  seeing.  That’s  not 
going  to  change.  It’s  only  going  to  become  more  prevalent. 


-  Interview  by  Robert  L.  Mitchell 


12  COMPUTERWORLO  MAY  20.  2013 


BROCADE 


BUT  DEPLOYING,  MANAGING.  AND  SCALING 
YOUR  NETWORKS  JUST  GOT  EASIER. 


Brocade®  helps  you  capitalize  on  today’s  fundamental  IT  transformation  by  delivering 
radically  simplified  architectures  with  data  center-class  performance.  Meeting  the 
increasing  demands  of  a  virtualized  world  is  your  mission.  Making  networks  easier 
to  deploy,  manage,  and  scale  is  ours.  Let’s  work  together. 


Google  Glass  Will  Be 
A  Big  Deal,  So  Deal  With  It 


Yes,  Glass 
will  change 
how  we 
think  about 
privacy  in 
public  places, 
but  that’s 
nothing  new. 


Steven  J.  Vaughan- 
Nichols  has  been 
writing  about 
technology  and  the 
business  of  technology 
since  CP/M-80  was 
cutting-edge  and 
300bps  was  a  fast 
Internet  connection  - 
and  we  liked  it! 
He  can  be  reached  at 
sjvn@vnal.com. 


PERHAPS  NO  GROUP  has  earned  a  borderline  obscene  pejorative  as 
quickly  as  the  wearers  of  Google  Glass.  I  mean,  the  product,  not 
due  for  release  until  early  next  year,  is  seen  in  the  wild  today  only 
on  the  few  thousand  who  are  its  early  testers.  And  yet  we  already 


have  the  term  “glasshole.”  Google  Glass  has  also 
been  banned  ahead  of  its  release.  This  all  seems 
to  stem  from  the  belief,  voiced  by  writers  such  as 
Jason  Perlow,  that  Google  Glass  is  evil,  since  “it’s  a 
‘stealth’  recording  device.” 

My  advice  to  anyone  freaking  out  over  Glass: 
Get  over  it. 

Sure,  there  is  something  unsettling  about  the 
evolution  of  Glass.  Eventually,  you  are  going  to 
have  to  look  really  closely  to  tell  whether  a  pair  of 
eyeglasses  is  computerized.  And  there’s  no  ques¬ 
tion  that  Glass  can  be  used  in  socially  unaccept¬ 
able  ways.  But  personally,  I’m  a  lot  more  bothered 
by  the  constant  cracking  of  websites  holding 
personal  information  than  I  am  by  the  idea  that 
someone  could  record  me  in  the  restroom. 

No  question:  Glass  is  going  to  change  how  we 
think  about  privacy  in  public  spaces.  But  such 
rethinking  has  already  been  necessary  for  years. 
Smartphones  required  it.  For  that  matter,  so  did 
the  invention  of  the  camera. 

In  the  past  few  weeks,  I’ve  seen  people  using 
smartphones  to  take  photos,  record  videos,  tweet 
and  text  during  live  performances  in  Broadway 
theaters  and  at  rock  ’n’  roll  music  venues.  In  every 
restaurant  I’ve  patronized,  at  least  a  fifth  of  the 
people  were  locked  into  their  tablets  and  smart¬ 
phones,  even  as  the  people  at  the  table  with  them 
were  talking.  I  don’t  like  it,  and  I’m  not  one  of  those 
people.  But  the  genie  is  out  of  the  bottle.  Google 
Glass  is  just  the  next  step  toward  the  collapse  of  the 
barrier  between  the  private  and  the  public. 


There’s  always  good  and  bad  with  these  sorts 
of  developments.  Sure,  phone  cameras  brought  us 
upskirt  photos,  but  they  also  were  the  means  of 
exposing  the  prisoner  abuse  in  Abu  Ghraib.  And 
there’s  nothing  new  about  personal  computing  in 
the  public  sphere.  There  isn’t  even  anything  new 
about  wearable  computers.  I  first  used  a  Xyber- 
naut  Poma  Wearable  PC  in  2002.  The  technol¬ 
ogy  made  you  look  like  a  member  of  the  Borg 
collective  from  Star  Trek  and  was  about  as  popular 
as  being  assimilated.  With  Google  Glass,  though, 
resistance  might  be  futile. 

With  Google  Glass  and  its  imitators,  that  is. 
Other  companies,  such  as  Apple,  Baidu  and  Tele¬ 
pathy,  are  building  their  own  wearable  computers. 
Indeed,  I’ll  be  very  surprised  if  Google  Glass  is 
the  first  such  product  to  market.  And  the  technol- 
ogy  won’t  be  for  nerds  only.  There  are  just  far 
too  many  ways  Google  Glass  and  its  cousins  can 
be  useful  for  this  to  be  anything  but  a  success. 
When  you’re  conducting  a  job  interview,  you  can 
unobtrusively  look  at  the  applicant’s  resume  on 
Linkedln  or  check  what  he’s  been  posting  publicly 
on  Facebook.  Your  mechanic  will  be  able  to  throw 
schematics  onto  his  heads-up  display  as  he  works 
on  your  engine. 

So  stop  crying  about  Google  Glass  and  get  used 
to  how  it’s  going  to  accelerate  the  blending  of 
the  public  and  the  private.  Yes,  it’s  scary.  But  all 
sea-change  technologies  are  frightening  at  first. 
The  sooner  you  adapt,  the  sooner  you’ll  be  able  to 
profit  from  it  instead  of  being  paralyzed  by  it.  ♦ 


14  COMPUTERWORLD  MAY  20.  2013 


The  platform 


-X 

Copyright  f  .2013  VMware,  Inc.  ' 

%  .V  .iVvV-^&V; 

.  .  •  v  •  ..  :>v  :• 

■  '  .-v.  -:  ;V.V. Vr;: 


'‘‘.'•.r'l- 


of  the  past  is  no 


match  for  the 
data  center  of 
the  future. 


We’re  not  retrofitting  20-year-old  operating 
systems  with  virtualization.  Choose  the 
world’s  most  proven  enterprise  virtualization 
technology  and  reach  new  levels  of 
efficiency,  control  and  agility  for  the  new 
cloud  era.  VMware  vCloud-J  Suite  delivers 
the  Software-Defined  Data  Center,  now. 


vmwa  re' 

Visit  vmware.com/sddc 


The 

Software-Defined 
Data  Center 

from  VMware. 


COVER  STORY 


6' 


■  r 


,  ' 


Managing  the  flow  of  an  infinite 
,  supply  of  worthwhile  projects 
through  a  finite  IT  operation 
takes  finesse.  Here’s  howto 

.  \  ,  ,V 

avoid  the  backlog  and  the  chaos. 

.  '•  ;  •  v’t  S  *  . 

'  •  * 1  ■  ■ .  y > 

.  V'  <  ■'  '  *VW  r  H;  • . 

•  ;  •<  • :  O’.; 


16  COMPUTERWORLO  MAY  20.  2013 


OT  LONG  AGO,  IT  consultant 
Mark  A.  Gilmore  was  called  in 
to  help  an  IT  department  that 
was  struggling  with  projec  t 
overload.  “They’d  gotten  this 
kind  of  attitude  —  t lie  executive 
vice  president  calls  it  ‘Burger  King  Syn¬ 
drome',  he  recalls.  “  I  heir  appro  at  h  was. 
You  can  have  it  your  way. 


COVER  STORY 


The  business  executives  believed  IT  could  supply  whatever  they 
wanted,  whenever  they  wanted  it.  Salespeople  had  gotten  into  the 
habit  of  asking  the  development  team  to  create  applications  within 
a  week  to  fulfill  promises  they’d  made  to  customers.  As  a  result,  IT 
employees  were  spending  about  80%  of  their  time  reacting  to  crises 
or  struggling  to  meet  impossible  deadlines  rather  than  calmly  plan¬ 
ning  their  workloads,  says  Gilmore,  president  of  Wired  Integra¬ 
tions  in  San  Jose.  In  the  meantime,  basic  technology  improvements 
weren’t  getting  done.  For  example,  Gilmore  was  surprised  to  dis¬ 
cover  that,  though  the  company  had  a  large  data  center  with  several 
hundred  servers,  there  was  almost  no  virtualization. 

“You  can’t  operate  that  way  because  it  creates  chaos,”  he  says. 
“The  quality  of  the  work  gets  degraded.  People’s  happiness  level 
gets  degraded,  and  it  becomes  a  miserable  environment.” 

Unfortunately,  this  very  situation  has  become  the  norm  in 
many  IT  departments.  “It  turns  out  to  be  a  chronic  problem,” 
says  Gartner  analyst  Robert  Handler,  who  notes  that  his  firm’s 
research  suggests  that  at  least  one-third  of  funded  technology 
projects  are  currently  in  a  backlog,  waiting  for  IT  to  start  on 
them.  That’s  not  a  good  sign,  he  says  —  especially  since  there’s 
strong  evidence  that  overloaded  IT  professionals  are  measurably 
less  productive  than  ones  with  reasonable  workloads. 

An  improving  economy  is  probably  to  blame  for  the  added 
strain.  In  Computerworld’ s  Forecast  2013  survey,  43%  of  respon¬ 
dents  said  they  expected  their  IT  budgets  to  rise  this  year,  up 
from  36%  last  year.  Sixty-four  percent  anticipated  making  a 
major  IT  investment.  At  the  same  time,  59%  reported  that  con¬ 
taining  costs  was  a  priority.  In  the  real  world,  that  translates  into 
a  growing  number  of  projects  flowing  through  IT  departments 
whose  staffing  levels  have  remained  flat. 

“Over  the  years,  there  had  been  pretty  steady  improvement, 
with  backlogs  going  down  and  developer  productivity  going  up,” 
Handler  says.  “The  most  plausible  explanation  is  that  the  credit 
collapse  of  2008  led  to  companies  stopping  everything  they 
possibly  could.”  In  2010,  he  notes,  IT  productivity  again  began  to 
slip,  leading  him  to  suspect  techies  were  once  again  getting  over¬ 
loaded.  Sure  enough:  “We  started  looking  at  other  data  sources 
and  saw  backlogs  building  up,”  Handler  says.  Piling  more  and 
more  work  onto  IT  is  like  pouring  too  much  water  into  a  funnel, 
he  says:  It  works  for  a  while,  but  then  “all  of  a  sudden  there’s  too 
much  and  it  makes  a  big  mess.” 

A  High-Level  View 

How  do  you  stop  the  madness?  It  begins  with  a  long-term,  high- 
level  approach  that  takes  IT’s  most  important  goals  into  account. 
Unfortunately,  many  IT  shops  aren’t  taking  such  an  approach. 
“When  I  stepped  into  this  role  a  couple  of  years  ago,  we  probably 
had  more  than  200  projects  going  at  any  given  time,  but  we  were 
responding  to  a  lot  of  quick-reaction  type  things.  There  wasn’t  much 
of  a  coherent  strategy  that  linked  all  those  things  together,”  says  Joe 
Mahaffee,  executive  vice  president  and  chief  information  security 
officer  at  Booz  Allen  Hamilton,  a  management  and  IT  consultan¬ 
cy  in  McLean,  Va.,  that  had  revenue  of  $5.86  billion  in  2012. 

So  Mahaffee  and  his  team  worked  with  corporate  leaders  to 
identify  seven  strategic  initiatives  they  believed  would  be  impor¬ 
tant  and  then  plan  what  needed  to  be  done  to  complete  those 
projects  within  a  couple  of  years.  For  instance,  a  decision  to  move 
to  unified  communications  allowed  the  firm  to  stop  spending 
money  on  extensive  PBX  systems.  “Now  if  we’re  modernizing  an 


Reserve 


T’S  ALWAYS  A  BAD  IDEA  to  plan  more  projects 
than  your  IT  department  has  the  capacity  to  carry 
out.  But  should  you  plan  substantially  fewer,  keeping 
some  IT  work  hours  in  reserve  for  contingencies? 

That’s  what  Gartner  analyst  Robert  Handler  ad¬ 
vises.  “In  theory,  if  everyone  came  to  the  table  during 
budget  time  with  information  on  all  the  systems  they  need, 
it  might  be  possible"  to  plan  to  work  at  full  capacity,  he  says. 
“But  a  week  or  two  after  budgets  are  done,  there  are  already 
a  lot  of  requests  for  new  stuff.  We’re  in  a  complex  world  and 
there  are  changes  constantly  coming  from  markets  and  legis 
lature.  They  destroy  the  predictability  of  projects." 

Few  IT  operations  are  effective  at  dealing  with  the  unpredict¬ 
able  nature  of  their  work,  says  Handler.  So  he  looked  at  other 
fields  for  inspiration.  He  found  it  in  new  product  developmt 
“Their  response  is  to  maintain  reserve  capacity  for  uncertain¬ 
ty,"  he  says.  He  believes  IT  departments  should  do  the  same. 

“Some  business  leader  will  say,  'We  need  this  project  to  do 
business,'  and  if  the  CIO  says,  'No,  we  can’t,  we're  at  capacity,’ 
the  answer  will  be,  ‘Then  we'll  get  it  elsewhere  because  we 
need  it!'  I  suggest  you  reserve  capacity  for  that  situation." 

IT’s  goal  should  be  to  run  at  80%  of  capacity,  reserving  the 
extra  20%  for  “things  that  come  out  of  nowhere,"  he  says. 

Todd  S.  Coombes,  executive  vice  president  and  CIO  at  ITT 
Educational  Services,  disagrees.  “I’ve  worked  in  environments 
where  you  set  up  contingencies,  and  I  prefer  to  work  based  on 
historc  data.”  he  says.  "If  my  data  from  past  projects  tells  me  1 
need  to  reserve  a  certain  amount  of  time  for  unplanned  activi¬ 
ties,  we'll  work  toward  that,  rather  than  assume  we  need  to 
build  in  an  extra  20%  thinking  things  might  go  wrong."  When 
people  know  they  have  that  leeway,  they  tend  to  use  it,  he  ex¬ 
plains,  adding.  “I  like  to  have  things  a  little  tighter.” 

Coombes  says  he  uses  detai  d  planning  of  every  IT  em¬ 
ployee's  time,  and  then  has  them  track  their  activities  as 
projects  progress.  "We  can  see  historically  what  they  actually 
spent  their  time  on,”  he  says.  “It's  kind  of  a  feedback  loop  of 
planning  and  setting  our  capacity  target,  collecting  actual 
information  and  then  studying  the  data.”  That  process  allows 
for  increasingly  accurate  planning. 

This  way,  Coombes  can  plan  for  the  unexpected  on  those 
projects  that  warrant  it.  “I  don't  know  exactly  what  unexpect¬ 
ed  thing  will  happen,  but  historically  I  know  it's  going  to  be 
something,”  he  says.  “So  we  will  build  that  into  our  capacity 
model.  But  it's  based  on  what  we  know  to  expect." 

MINDA  ZETLIN 


18  COMPUTERWORLD  MAY  20.  2013 


(POWERFU 

,4;'  v: 


The  mobile  technology  to  turn  bright  ideas  into  successful  projects.  The  innovators  at  Verizon  have  created 
enterprise-ready  solutions  for  today's  collaborative  workforce.  Using  the  security  and  speed  of  the  Verizon 
4G  LTE  network,  along  with  the  latest  devices  and  video  conferencing  apps,  these  solutions  help  create  a 
workplace  where  ideas  move  freely  among  groups.  The  result  is  an  environment  ready  for  inspiration  to  strike. 

Because  the  world's  biggest  challenges  deserve  even  bigger  solutions. 


Solutions  for  Mobility:  verizon.com/mobileworkforce 


COVER  STORY 


office,  we  invest  in  voice-over-IP  technology  instead,”  he  says. 

A  strategic  approach  won’t  work  without  the  support  and 
participation  of  upper  management.  That’s  why  many  IT 
departments  find  that  establishing  a  governing  group  of  some 
sort  —  one  made  up  of  IT  leaders  and  their  upper-level  business 
counterparts  —  is  the  first  step  to  taming  a  chaotic  IT  workload. 

“About  a  year  ago,  we  changed  the  model  of  how  we  govern  all 
IT  projects,”  Mahaffee  says.  “There  were  four  governance  models 
that  had  some  sort  of  contact  with  IT,  and  we  centralized  all  that. 
Now  we  have  one  governing  body  providing  direction  and  helping 
us  define  priorities.”  That  group  includes  Mahaffee,  Booz  Allen 
CIO  Kevin  Winter  and  leaders  from  each  of  the  company’s  mar¬ 
keting  teams  and  major  departments.  All  in  all,  the  group  is  about 
15  people  who  meet  fairly  frequently.  “It  helps  me  keep  alignment 
with  the  business,”  says  Winter.  “Requests  get  funneled  to  this 
body  so  decisions  aren’t  made  in  a  vacuum.  Everybody  around  the 
table  gets  a  say  in  what  gets  funded.” 


it  through,  and  if  they  understand  the  reasons  for  the  decision, 
they’ll  still  be  happy  80%  of  the  time.” 

You  might  be  able  to  enhance  that  dynamic  by  getting  your 
company’s  executives  to  literally  sign  on  to  the  process,  he  adds. 
“If  you  get  people  to  agree  to  both  the  objectives  of  the  process 
and  the  process  itself,  they  will  tend  to  accept  it  because  of  a  phe¬ 
nomenon  called  ‘commitment  consistency,”’  he  says.  That  effect 
doubles  when  people  agree  to  something  without  feeling  forced 
and  have  done  something  active  to  signal  that  agreement. 

Measuring  IT  Capacity 

How  do  you  know  how  much  you  can  take  on  in  the  first  place? 
How  many  projects  are  too  many? 

The  only  way  to  find  out  for  sure  is  to  track  IT  capacity  —  the 
number  of  working  hours  available  in  your  department.  “You  have  a 
mixture  of  both  projects  that  create  some  kind  of  improvement  and 
‘keep  the  lights  on’  activities,”  Coombes  says.  “That’s  the  demand. 
We  have  to  make  sure  we  have  enough  capacity  to  handle  those 
lights-on  jobs,  and  then  figure  out  how  to 
provide  capacity  for  the  new  projects.” 

Coombes  uses  what  he  calls  the  “capacity 
model”  to  plan  IT  employees’  workloads. 
“We  actually  plan  for  the  period  before  a 
release  what  we  expect  for  individual  people 
working  on  a  project,  based  on  their  avail¬ 
ability,”  he  says.  “We  plan  for  a  full  eight- 
hour  day,  but  we’re  not  going  to  book  eight 
hours  of  development  time  for  a  developer. 
We  may  need  to  set  aside  two  hours  for  ad¬ 
ministrative  tasks  and  answering  questions 
that  come  up.  So  there  might  be  six  hours 
available  for  software  development.” 

In  that  case,  he  says,  the  developer 
may  be  booked  to  work  two  hours  on  one 
project,  two  hours  on  a  second  and  two 
hours  on  a  third.  And  that’s  it.  His  capacity 
for  the  day  is  used  up.  “That’s  the  only  way 
to  do  it,”  Coombes  says.  “Otherwise,  we 
tend  to  overbook  people.” 

“There’s  often  this  perception  that 
people  who  are  working  eight  hours  a  day  have  another  eight 
hours  available,”  Handler  notes  dryly. 

The  Challenge  of  Key  Employees 

Measuring  capacity  alone  isn’t  good  enough,  since  not  all  IT 
employee  hours  are  created  equal.  “You  need  to  think  about  it 
in  granular  terms,”  Coombes  says.  “Not  only  hours  of  work  but 
development  hours,  testing,  architecture,  project  management.” 

Indeed,  the  need  to  find  people  with  both  the  right  skills  and 
enough  free  time  often  stops  projects  in  their  tracks.  And  since 
technical  work  can  often  be  outsourced,  the  missing  resource  is 
usually  project  management  and/or  business  expertise. 

“Are  you  comfortable  outsourcing  the  project  management 
function?”  asks  Bruce  Myers,  managing  director  at  consulting 
firm  AlixPartners.  “Some  companies  are  fine  doing  that,  but 
others  aren’t.  That  is  most  often  the  limiting  factor.” 

“You  really  are  constrained  not  only  by  hours  and  functions,  but 
also  by  the  expertise  you  have  in  the  business  context,”  Coombes 
says.  “That  really  is  the  key  to  understanding  what  a  subject-matter 


Knowing  When  to  Say  No 

More  important,  there  is  top-level  backing 
for  decisions  about  what  doesn’t  get  funded. 

Experts  agree:  The  only  way  to  put  an  end 
to  IT  overload  is  with  the  support  of  upper- 
level  management.  One  of  Gilmore’s  first 
acts  at  the  company  with  the  overloaded  IT 
department  was  to  decree  that  IT  would  not 
take  on  new  projects  for  a  time.  And  he  did 
that  with  the  complete  support  of  the  com¬ 
pany’s  top  executive,  who  had  heard  about 
enough  problems  with  technology  projects 
to  know  something  had  to  change. 

“If  you  try  to  start  doing  this  without 
top-level  support,  business  group  leaders  will 
go  back  to  the  top  executives  and  say,  ‘IT  isn’t 
giving  me  what  I  need  and  therefore  I’m  not 
meeting  the  goals  you  set  for  me,”’  he  says. 

“I  typically  am  involved  in  conversations 
about  projects  that  have  to  be  delayed  —  but 
our  business  leadership  is  also  involved,” 
says  Todd  S.  Coombes,  executive  vice 
president  and  CIO  at  ITT  Educational  Services,  a  postsecondary 
education  company  based  in  Carmel,  Ind.,  with  140  campuses 
around  the  country.  “Our  group  of  high-level  executives  works 
together  well,  and  we’re  all  in  the  discussion  before  a  decision  is 
made.  Typically,  I  don’t  have  to  deliver  the  message  at  that  level.  I 
may  have  to  at  a  lower  level,  and  I  don’t  mind  because  I  have  the 
backing  of  my  boss.” 

When  you  do  have  to  say  no  to  a  project,  your  goal  should  be 
for  the  person  who  hears  that  no  to  feel  good  about  the  rejection. 
This  is  especially  true  if  you’re  seeking  to  reduce  or  eliminate 
shadow  IT  operations,  which  are  typically  set  up  by  business 
executives  who  decide  to  take  matters  into  their  own  hands  when 
they  can’t  get  IT  to  provide  a  desired  technology  quickly  enough. 
“If  they  hear  no  without  having  bought  into  how  that  no  was 
arrived  at,  they’ll  get  it  from  someone  else,”  Handler  warns. 

The  key  is  transparency.  “If  you  have  a  CIO  deciding  what 
gets  done  and  what  doesn’t,  the  people  who  get  their  projects 
done  will  be  happy,”  he  continues.  “The  people  who  don’t  get 
their  jobs  done,  if  they  think  the  CIO  was  fair  and  really  thought 

20  COMPUTERWORLD  MAY  20.  2013 


teople  who  don't 
their  jobs  done, 

hinktheCIO 
was  hair  ana  really 
thought  it  through, 
and  if  they  understand 
the  reasons  for  the 
decision,  they’ll  still  be 
happy  80%  of  the  time. 


ROBERT  HANDLER,  ANALYST,  GARTNER 


RISKS  AND  REWARDS 

EMPLOYEE-OWNED  DEVICES  IN  THE  WORKPLACE 


COMPANIES  THAT  EMBRACE 

MOBILE  DEVICE  CONSUMERIZATION  WILL  BE 
MORE  COMPETITIVE  IN  THE  BUSINESS  ARENA. 


IN  2016, 350  MILLION  EMPLOYEES 
WILL  USE  SMARTPHONES.  200  MILLION 
OF  THOSE  WILL  BRING  THEIR  OWN.1 2 


- o  v».- 32 % Sssss s 


MOBILE  IS  THE  NEW  BUSINESS  AS  USUAL 


Today's  hyper-connected  employees  are  changing  the 
way  business  is  done.  Mobile  devices  have  invaded 
the  workplace,  creating  new  security  risks  and 
compliance  challenges  as  company  data  leaves  the 
safety  net  behind  the  firewall  and  is  shared  across 
devices,  in  the  cloud  and  via  social  networks.  Yet 
companies  that  empower  their  employees  with  the 
freedom  to  work  however,  whenever  and  wherever 


they  are  most  productive  will  position  themselves 
to  be  more  competitive  in  the  business  arena.  The 
consumerization  of  mobile  devices,  coupled  with 
ever-growing  technology  advancements,  is  driving 
businesses  to  rethink  their  mobile  strategy. 

THE  CHALLENGE:  how  to  reap  the 
rewards  while  mitigating  the  risks. 


OF  EMPLOYEES 
USE  AT  LEAST  ONE 
MOBILE  DEVICE  FOR 
BUSINESS  USE.2 


Done  right,  mobile  initiatives  deliver  an  excellent  return  on  investment: 

•  Increase  communication  and  collaboration. 

•  Boost  employee  productivity  and  increase  customer  responsiveness. 

•  Provide  device,  location  and  access  flexibility  to  mobile  workers. 


1  Mobile  Is  the  New  Face  of  Engagement,  Forrester  Research,  Inc. 

2  "The  Latest  Infographics:  Mobile  Business  Statistics  for  2012,"  Forbes,  May  2,  2012. 


TAKING  THE  FIRST  STEP. 

Enterprise  mobility  is  poised  to  fundamentally 
change  the  IT  landscape.  As  companies  prioritize 
and  evolve  their  mobile  strategies,  envisioning 
new  processes  and  adopting  new  communications 
platforms,  no  single  issue  is  more  critical  than 
mitigating  security  risks,  including: 

•  Providing  authentication  access  via  certificates 

•  Updating  access  policies  remotely 

•  Managing  user  identities  across  multiple  systems 
and  applications 


•  Providing  a  centralized  source  of  user  identities 

•  Enabling  secure  and  controlled  access  to  corporate 
data  through  mobile  applications 

To  meetthese  hurdles  head  on,  IT  departments  need 
to  re-evaluate  their  current  mobile  security  policies 
and  develop  a  comprehensive  strategy  to  create  a 
solid  foundation  for  long-term  mobile  success. 


ENTERPRISES  ARE  TURNING  TO  VERIZON  TO  PROVIDE  SECURE 
MOBILITY  SOLUTIONS  FOR  TODAY'S  BIGGEST  BUSINESS  CHALLENGES. 


INDUSTRY  USE-CASE  SCENARIOS 


EMPLOYEE-OWNED  DEVICE 
solutions  make  it  easier  for 
businesses  to  manage  employee- 
and  corporate-liable  devices, 
data  and  applications  safely 
and  effectively. 

MANUFACTURING 

Challenge:  To  support  thousands  of 
disparate  devices,  apps,  people  and 
job  functions,  a  large  multinational 
company  needed  to  develop  a 
mobility  roadmap  that  allowed 
employees  to  use  their  own  devices 
while  still  keeping  proprietary  data 
secure.  So  they  turned  to  Verizon 
for  a  beginning-to-end  mobility 
strategy  and  security  assessment 
that  seamlessly  established 
governance  and  policies. 

Result:  Developed  stringent 
mobile  security  requirements 
enforced  through  cloud-based 
solutions,  while  expanding  support 
for  employee-owned  devices — 
improving  mobile  productivity. 


IDENTITY  AND  ACCESS 
MANAGEMENT  (I  AM)  solutions  help 
identify  vulnerabilities  and  risks, 
making  it  easier  to  manage  identities 
and  provide  reliable  corporate 
access  to  a  mobile  workforce. 

PHARMACEUTICAL 

Challenge:  When  the  Drug 
Enforcement  Agency  changed 
regulations  to  permit 
e-prescriptions,  it  opened  the 
door  for  pharmacies  to  deliver 
medication  to  patients  faster,  but 
also  created  new  obstacles  due  to 
stringent  security  and  compliance 
regulations.  An  industry-leading 
pharmacy  chain  chose  Verizon  to 
develop  an  1AM  solution  that  allows 
physicians  to  electronically  create 
and  transmit  prescriptions,  in  real 
time,  directly  to  pharmacies  via 
mobile  devices. 

Result:  Improved  security, 
accuracy,  speed  and  consistency 
of  prescription  fulfillment. 
Implemented  a  cloud-based 
authorization  process  that  speeds 
up  delivery  to  market  and  ensures 
compliance  and  security  regulations 
are  met. 


APPLICATION  INTEGRATION 
solutions  provide  development 
frameworks,  platforms  and  the 
expertise  to  help  businesses 
securely  deploy,  distribute,  manage 
and  support  mobile  apps. 

TECHNOLOGY 

Challenge:  A  leading  technology 
company  needed  to  improve  the 
handling  of  urgent  orders  at  the 
end  of  every  month.  They  turned  to 
Verizon  to  help  find  solutions  that 
could  speed  up  order  processing  and 
delivery.  Now  sales  management 
teams  can  quickly  approve 
pending  orders  in  SAP  and  initiate 
provisioning  and  service-delivery 
workflows  through  their  enterprise 
resource  planning  (ERP)  system— all 
from  mobile  applications  on  their 
iPad®  tablets. 

Result:  Reduced  costs  and 
saved  time  in  mobilizing  existing 
applications  across  multiple 
devices.  Faster  decision  making, 
increasing  sales  and  enhancing  the 
customer  experience. 


VERIZON  WAS  THE  NUMBER-ONE-RANKED  TELECOM  COMPANY 
IN  FORTUNE  MAGAZINE'S  2012  LIST  OF  THE  WORLD'S  MOST  ADMIRED 
COMPANIES,  INCLUDING  FIRST-PLACE  RANKINGS  FOR  INNOVATION 
AND  QUALITY  OF  PRODUCTS  AND  SERVICES .* 3 


CREATING  A  MOBILE  ROADMAP. 

The  best  strategy  starts  with  clarifying  your  objectives  to  meet  the  needs  of 

your  employees  and  your  company: 

•  What  systems  do  you  have  in  place  to  protect  company  assets  that  are 
accessible  to  mobile  employees,  customers  and  others? 

•  How  will  you  address  the  evolving  security  and  privacy  issues  associated  with 
both  corporate  data  and  personal  data  residing  on  employee-owned  devices? 

•  How  do  you  minimize  risks  by  scaling  access  privileges  based  on  user  need, 
sensitivity/location  of  information  and  regulatory  considerations? 

Partnering  with  a  world-class  solution  provider  to  securely  manage  employee- 

owned  devices  can  help  you  safely  navigate  this  next-generation  mobile  culture. 


Additional  solutions 
that  can  help  your  business 
implement  a  successful 
mobile  strategy: 


MOBILITY  IS  IN  OUR  DNA. 

With  our  deep  knowledge  of  mobile  systems,  we  can  help  you  increase  mobile 
worker  productivity  while  managing  and  securing  your  mobile  world — so  you 
can  grant  access  to  your  network  and  systems  with  confidence. 


Managed  Mobility 
and  Enterprise  Mobility 
as  a  Service 

Mobility  Professional 
Services 


Why  Verizon? 

•  A  leading  provider  of  managed  security  services  and  security  consulting. 

•  The  nation's  largest  4G  LTE  network.  More  4G  LTE  coverage  than  all  other 
networks  combined. 


Wireless  Devices 
Voice  and  Messaging 
Mobile  Applications 
Mobile  Broadband 
Global  Communications 


•  Robust  mobility  professional  services,  life-cycle  services  and  methodologies. 

•  Manage  millions  of  identities  worldwide  for  enterprises  and  governments. 

•  Provider  of  both  cloud-  and  premises-based  dual-persona  solutions. 

•  Global  support  to  assist  you  with  the  architecture,  design  and 
implementation  of  mobile  application  solutions. 

•  Universal  Identity  Services  are  ICAM  and  NIST  Level  3  certified. 


Private  Network  FOR  MORE  INFORMATION,  CONTACT  A  VERIZON  BUSINESS 

SPECIALIST.  OR  VISIT  US  AT  VERIZON.COM/MOBILEWORKFORCE. 


yerizsni 


3  http://newscenter2.verizon.com/press-releases/verizon/2012/verizon-is-top.html 

4G  LTE  is  available  in  more  than  450  markets  in  the  U.S.  Network  details  &  coverage  maps  at  vzw.com.  ©  2013  Verizon  Wireless. 


COVER  STORY 


Take  Up  the  Slack 


HEN  WORK  simply  has  to 
get  done  and  IT  employees 
are  overloaded,  one  solu¬ 
tion  is  to  outsource  some  of 
the  work  for  a  new  project.  Contractors  have 
their  limitations  -  it  may  not  be  appropriate  to 
outsource  project  management,  and  they  won’t 
have  a  detailed  knowledge  of  how  a  particular 
company  functions  or  what  its  priorities  are. 

But  working  with  contractors  does  give  many 
strapped  IT  departments  a  flexible  workforce 
when  projects  pile  up.  “I’ve  worked  with  a  lot  of 
companies  who  use  the  rule  that  one-third  of  IT 
project  work  is  done  in-house,  and  two-thirds 
is  outsourced,"  reports  Bruce  Myers,  managing 
director  at  AlixPartners. 

For  Mazda's  North  American  operations,  rely¬ 
ing  on  IT  contractors  is  a  way  of  life,  according 
to  CIO  Jim  DiMarzio.  This  is  partly  because  the 
auto  industry  in  general  strives  to  keep  full¬ 
time  head  counts  low,  but  using  contractors 
also  gives  the  IT  department,  which  has  42 
full-time  employees,  the  ability  to  shrink  and 


expand  at  will,  says  DiMarzio,  noting  that  while 
his  Hiroshima-based  Mazda  Motor  Corp.  is  a 
$21  billion  global  business,  the  automaker’s 
U.5.  operation  is  relatively  small. 

“Because  we  knew  we  were  head-count- 
constrained,  we  put  together  a  strategy  where 
most  of  our  full-time  employees  are  analysts  and 
project  managers,"  he  says.  “We  want  our  staff  to 
be  the  people  who  could  run  this  place.  We  can  al¬ 
ways  go  find  programmers  when  we  need  them." 

On  most  projects,  Mazda  IT  employees  serve 
as  lead  analysts  and  subject-matter  experts, 
while  contractors  do  the  actual  coding.  "While 
they’re  off  doing  the  coding,  our  staff  will  be 
working  on  other  projects.  We  try  to  prioritize 
so  that  there’s  a  focus  on  a  primary  project  and 
there’s  always  a  secondary  project  they  can 
work  on  at  the  same  time.” 

But  when  crunch  times  really  hit,  such  as 
during  model  year  changes  or  the  beginning  of 
the  fiscal  year,  Mazda  can  increase  contractor 
participation.  “If  we  find  we  are  out  of  good  sys¬ 
tems  analysts,  we’ll  take  one  of  the  smaller  proj¬ 


ects,  package  it  up  and  have  one  of  the  vendors 
do  it  from  soup  to  nuts,”  DiMarzio  says. 

When  that  happens,  “we  insist  that  there  be 
fixed-price  bids  on  those  projects,"  he  adds. 

“That  helps  make  sure  they  stay  within  their  time 
frames  and  pay  attention  to  the  projects.  It’s  not  a 
never-ending  supply  of  money  coming  their  way.” 

Mazda  also  gets  the  most  benefit  from  its  con¬ 
tractors  by  having  one  or  two  representatives  of 
each  service  provider  on-site,  so  they  can  get  to 
know  the  company.  That’s  important,  because 
Mazda  has  its  own  methodology  for  tech  proj- 
e  :s  and  insists  that  contractors  follow  it. 

Some  contractors  have  become  virtual  em¬ 
ployees,  working  on-site  on  an  ongoing  basis. 
“There  are  enough  projects  that  we  always  keep 
them  fully  occupied,"  DiMarzio  says.  “We  want 
to  keep  them  on  our  account  rather  than  some¬ 
one  else’s  account.”  And  when  IT  is  ready  to  hire 
someone  full  time,  they’re  ready  and  usually 
willing,  says  DiMarzio,  adding  “I’ve  converted 
some  contractors  to  employees.” 

-  M IN  DA  ZETLIN 


expert  is.  You  may  have  a  developer  who’s  good  at  development 
work  and  an  architect  who  really  understands  how  a  system  is 
put  together.  But  to  meet  the  demands  of  the  business,  you  have 
to  have  people  who  really  understand  the  needs  of  the  business. 
Those  are  the  people  who  are  hard  to  find  and  to  hang  on  to.” 

That’s  why  Coombes  and  his  team  sometimes  review  the  time 
commitments  of  specific  individuals  when  planning  projects. 
“We  ask  who  do  we  need  on  this  project  to  guarantee  it  will  be 
successful?  A  certain  key  individual  might  be  needed  on  two 
or  three  different  projects  at  the  same  time,  and  that  creates  a 
constraint  that’s  difficult  to  deal  with.” 

At  the  company  with  the  overworked  IT  department,  Gilmore 
says  management  had  been  addressing  that  issue  with  a  bit  of 
magical  thinking:  There  were  only  two  managers  in  application 
development  so  their  names  appeared  on  every 
project.  “Any  time  anything  new  came  in,  one 
of  them  got  put  on  it,”  Gilmore  says.  “They  were 
listed  to  all  these  action  items,  and  one  of  them 
alone  took  six  months!” 

When  IT  shops  face  such  situations,  there’s  a 
danger  that  people  may  wind  up  in  roles  they  can’t 
handle.  “Your  bottleneck  might  be  the  business 
analyst,”  says  Handler.  “Offshore  you  can  get  a 
double  Ph.D.  for  next  to  nothing  to  do  the  techni¬ 
cal  work,  so  a  lot  of  companies  send  that  work 
overseas  and  keep  their  business  analysts  as  busy 
as  possible.  Then  when  they  get  overloaded,  they 


say,  ‘Let’s  get  Bob  to  do  it.  He’s  in  IT  finance  —  that’s  like  a  busi¬ 
ness  analyst.’  And  then  Bob  makes  a  big  mess.” 

The  only  solution.  Handler  says,  is  to  know  what  your  depart¬ 
ment’s  limitations  are  and  respect  them.  “Most  of  the  time,  the 
constraining  resource  is  humans,  and  a  good  portion  of  the  time 
it’s  humans  with  technical  skills.  Sometimes  it’s  cash.  On  rare 
occasions,  I’ve  seen  it  be  conference  rooms.  But  whatever  it  is, 
you’ve  got  to  identify  the  constraining  resource  and  stop  approv¬ 
ing  things  when  it  looks  like  you’re  out  of  that  resource.” 

At  Gilmore’s  client,  the  move  to  setting  realistic  limits  seems 
to  be  working.  “So  far,  so  good,”  he  says.  “Projects  are  on  track, 
resources  are  allocated,  and  people  are  happy.” 

The  company’s  IT  strategy  is  set  for  the  rest  of  2013,  and  it’s 
planning  for  2014,  identifying  which  projects  will  need  new  hires 
or  outside  contractors.  Meanwhile,  business 
executives  are  learning  to  trust  IT.  “We’re  being 
honest  with  them  and  saying,  ‘Based  on  our 
workload,  we  can’t  get  to  you  till  nine  months 
from  today.’”  Gilmore  says.  “But  then  after 
that  period  has  passed,  we’re  coming  back  and 
saying,  ‘Now  we  can  start  on  this.’  So  they  see 
it’s  working.”  ♦ 

Zetlin  is  a  technology  writer  and  co-author  of  The 
Geek  Gap:  Why  Business  and  Technology  Profes¬ 
sionals  Don’t  Understand  Each  Other  and  Why 
They  Need  Each  Other  to  Survive.  Contact  her  at 
minda@geekgap.com. 


COMPUTERWORLO.COM  25 


As  personal  and  professional 
clouds  converge,  IT’s  mission  to 
improve  productivity  while  protecting 
corporate  apps  and  data  is  getting 
tougher,  by  Robert  l.  mitchell 


26  COMPUTERWORLD  MAY  20.  2013 


RING  YOUR  OWN  DEVICE  IS  SO  2012. 

The  next  big  push  in  the  consumeriza- 
tion  of  IT  is  bring  your  own  cloud.  And 
just  as  when  consumer  devices  poured 
into  the  enterprise,  many  IT  organiza¬ 
tions  have  already  responded  with  a  list 
of  do’s  and  don’ts. 

The  standard  approach  has  been  to 
forbid  the  use  of  personal  cloud  ap¬ 
plications  for  business  use,  by  offering 
official  alternatives  —  the  "‘use  this,  not 


Q 

s  ^  i 


GREENGUARD 


PRODUCT  CERTIFIED  FOR 
LOW  CHEMICAL  EMISSIONS 
UL.COM/GG 
ULXXXX 


L" 


PRODUCT  CERTIFIED  FOR 
REDUCED  ENVIRONMENTAL 
IMPACT.  VIEW  SPECIFIC 
ATTRIBUTES  EVALUATED: 
UL.COM/EL 

ULXXXX 


The  New  Marks  of  Leadership 

The  most  trusted  name  in  safety  is  making  its  mark  on  sustainability.  UL  Environment 
certifications,  like  GREENGUARD  and  ECOLOGO®,  provide  differentiation  in  the  marketplace 
and  third-party  verification  that  a  product  is  healthier  and  more  sustainable.  And,  with  a 
wide  variety  of  science-backed  standards,  ULcan  give  your  products  a  clear  competitive  edge. 
Recognizable  certifications,  new  marks,  greater  confidence. 

ul.com/environment 

888.485.473B 


Environment 


UL,  the  UL  logo  and  the  UL  certification  marks  are  trademarks  of  UL  LLC  ®  2013 


CONSUMERIZATION  OF  IT 


that”  approach  —  and  to  carve  out  separate  cloud  storage  work¬ 
spaces  for  business  documents  that  can  be  walled  off,  managed 
and  audited.  But  personal  cloud  services  are  difficult  to  control, 
and  users  are  adept  at  going  around  IT  if  the  productivity  tools 
in  their  personal  cloud  can  do  the  job  easier,  faster  and  better. 
IT  wants  a  bifurcated  approach  to  consumer  and  professional 
cloud  apps  and  storage.  But  users  don’t  work  that  way  anymore. 

Getting  Around  IT 

Scott  Davis,  CTO  of  end-user  computing  at  VMware,  originally 
began  using  a  personal  cloud  app  for  business  after  the  IT 
organization  failed  to  offer  a  viable  solution  that  met  his 
needs.  Davis,  who  has  speaking  engagements  all  over  the 
world  and  needs  to  share  large  multimedia  presentation  files, 
asked  for  an  exception  to  VMware’s  email  attachment  size 
quota.  IT  responded  first  by  suggesting  that  he  pare  down  the 
content  and  then  followed  up  by  suggesting  that  he  buy  “a 
bag  full  of  USB  drives”  to  send  presentations  by  mail.  “That’s 
when  I  started  using  Dropbox,”  he  says.  “IT  has  competition. 
People  know  what’s  out  there  and  how  to  get  the  job  done  if 
IT  doesn’t  help  them.”  Gartner  analyst  Michael  Gartenberg 
agrees.  “IT  has  to  deal  not  only  with  bring-your-own  devices 
but  bring-your-own  services,”  he  says.  People  will  bypass  even 
viable  alternatives  if  they  feel  that  the  officially  sanctioned 
professional  cloud  offering  isn’t  equal  to  the  task  —  or  if  they 
have  a  personal  cloud  app  they  like  better.  “If  it’s  digital  and  it’s 
consumer,  it’s  going  to  find  its  way  into  the  office.  People  will 
come  up  with  reasons  for  using  it,”  he  says. 

At  construction  management  firm  Skanska  USA  Building, 
employees  are  mashing  up  business  and  personal  work  on  a 
wide  range  of  personal  cloud  services,  including  Dropbox  and 
Evernote.  Today,  says  senior  enterprise  engineer  Jeff  Roman, 
“We  don’t  control  that.”  But  IT  is  actively  reviewing  its  options. 
“What  are  we  going  to  limit?  What  can  they  access  at  work  and 
at  home?”  he  asks.  Right  now  that’s  controlled  by  use  policies 
that  employees  must  follow  as  to  what  types  of  documents  need 
to  stay  out  of  the  cloud  and  what’s  permissible.  For  example, 
financial  data  “should  never  touch  a  cloud  service,”  he  says,  nor 
should  some  documents  relating  to  government  projects. 

But  Skanska  is  also  looking  for  an  officially  sanctioned  cloud 
storage  option.  It  is  considering  Microsoft’s  SkyDrive  Pro,  using 
Citrix’s  ZenMobile  to  provide  virtual  access  to  files  stored  on 
back-end  servers,  or  using  niche  services  such  as  Autodesk 
Buzzsaw,  which  puts  construction  design  tools  and  documents 
in  the  cloud.  “We  don’t  need  people  using  all  of  these  different 
tools,”  he  says,  but  any  solution  must  be  as  easy  to  use  as  the 
personal  cloud  tools  employees  rely  on.  Otherwise,  users  are 
likely  to  bypass  the  official  alternative.  “It  will  be  tough  to  find 
a  one-size-fits-all  solution,”  he  says,  “but  we’re  working  on  it.  I 
am  hopeful  that  within  the  next  year  we  will  have  one  in  place, 
whether  that  is  on-premises  or  cloud  or  a  hybrid  of  both.” 

Blurring  the  Lines 

Organizations  need  to  develop  a  three-pronged  strategy  for 
on-premises,  off-premises  and  cloud,  says  Jim  Guinn,  managing 
director  at  consultancy  PricewaterhouseCoopers.  “You  really 
need  to  pay  attention  to  how  you  secure  documents  that  are  in 
someone  else’s  cloud-based  service,”  he  says. 

Roman  says  some  documents  just  don’t  belong  in  popular 

28  COMPUTERWORLD  MAY  20.  2013 


uity  firm 


ageme 


program  to  control 


and  added  WatchDox's  data  rights 


control  and  monitor  the  use  of  its  most  sensi 

i 

WatchDox  encrypts  documents  upload 
of  a  local  MyWatchDox  sync  folder;  When  the 
creator  drops  a  file  into  the  folder,  WatchDox 
encrypts  it  and  distributes  it  to  ail  < 
vices,  as  well  as  to  other  authorized  users 1 

_ I.  . 


■ 


only  if  they  use  a  browser  plug-in  or  a 
the  user  and  controls  and 
Biackstone,  which  installed  the 
:  •  > , ;  an  investor  in  WatchDox  (and  now  has  a 
Dox  executive  board),  mostly  i 
jewels  "  as  opposed  to  everyday 
Murphy,  Wider  usage  will  o 
tools  are  as  easy  to  use 
On  the  plus  side,  tab! 
tcmedtodownl 


different  fro 
But  it's 

M 


ADVERTORIAL 


You  don't  have  to 
do  it  alone  with 
mobile  development 

SEEK  A  TRUSTED  PARTNER  WITH  PROVEN 
EXPERIENCE  AND  EXPERTISE 


While  most  organizations  have  developed  a  mobile 
strategy,  the  majority  -  78  percent  -  say  their  strategies 
are  at  low  to  medium  maturity,  why?  Because  mobility, 
with  its  highly  specialized  skill  sets,  fast  pace  and  unique 
customer  requirements,  is  a  challenging  market.  Many 
organizations  struggle  with  the  complexity  of  mobile  tech¬ 
nology,  the  lack  of  in-house  specialization  and  the  speed 
required  to  bring  a  competitive  product  to  their  customers. 
But  they  don't  have  to  do  it  alone.  Many  turn  to  mobile 
outsourcing  as  a  solution. 

The  best  vendors  are  organized  and  aligned  to  address 
the  unique  needs  of  the  mobile  landscape,  allowing  their 
clients  to  improve  time  to  market,  enhance  their  invest¬ 
ment  in  mobile  technology  and  position  themselves  for 
success. 


Primary  Reasons  for  Outsourcing 
Mobile  Application  Development 


Better  expertise  than  available  in-house 


»  Qualities  of  Effective  Mobile  Applications 
Vendor  Partners 

To  maximize  vendor  partnerships,  look  for  the  following 
attributes: 

»  Organizations  value  a  vendor  partner  that  offers 
mobility  as  a  dedicated  practice,  with  the  specialized  talent 
in-house  to  keep  projects  driving  forward.  With  a  singular 
focus  in  mobility,  these  resources  can  deliver  effective 
mobile  applications. 

»  Next,  partner  with  a  vendor  able  to  adapt  without 
bias,  as  flexibility  in  support  and  delivery  is  critical  in 
mobile  development.  The  ability  to  support  the  full  range 
of  popular  mobile  platforms  is  daunting,  and  development 
across  platforms,  devices,  screen  sizes  and  versions  is  key. 

»  Look  for  a  vendor  that  can  deliver  an  end-to-end 
solution,  meeting  both  consumer  and  enterprise  demands 
across  the  spectrum  of  technical  consulting,  mobile  devel¬ 
opment,  mobile  testing  and  mobile  application  support. 

»  Finally,  turn  to  a  partner  that  can  provide  guidance 
and  clarity.  A  vendor  that  can  leverage  best  practices  and 
monitor  processes  to  keep  projects  on  track  can  help  orga¬ 
nizations  effectively  deliver  on  their  mobile  strategies. 


ABOUT  TEKSYSTEMS  MOBILITY  SERVICES 

TEKsystems  Mobility  Services  helps  clients  deliver  on  and 
execute  all  of  their  mobile  application  needs  -  including 
development,  testing,  support  and  technical  consulting 
services.  Our  comprehensive  offering  helps  clients  adapt 
to  the  fast-paced,  evolving  mobile  environment  by  provid¬ 
ing  targeted  solutions  based  on  individual  market,  budget 
and  functionality  requirements.  Led  by  industry  experts, 
our  practice  provides  agility  and  flexibility  to  deliver  on 
the  promise  of  mobility. 


COMPIfTERWORLD  ^TEKsustems 

Custom  Solutions  Group  ■  I  lo 


To  learn  more,  visit 

www.teksystems.com/mobility 


CONSUMERIZATION  OF  IT 


cloud  storage  services.  “I’ve  read  the  whitepapers  on  Dropbox 
and  Box.  I  guess  they’re  secure,”  he  says.  But  for  sensitive  docu¬ 
ments,  he  adds,  “we  don’t  want  to  risk  it.” 

Even  the  issue  of  who  owns  business  applications  and  how 
those  applications  are  licensed  is  blurring.  Evernote  for  Busi¬ 
ness,  for  example,  adds  a  business  services  layer  that  includes 
policy-controlled  business  notebooks  and  adds  business  docu¬ 
ment  libraries  to  the  user’s  personal  Evernote  account.  Personal 
and  professional  documents  reside  in  different  repositories  but 
with  a  unified  view. 

“We’re  seeing  a  transition  from  two  completely  separate 
worlds  to  a  world  where  there  is  no  line  between  what’s  good 
for  personal  and  what’s  good  for  business,”  says  Andrew  Sinkov, 
vice  president  of  marketing  at  Evernote.  And  if  the  user  leaves 
the  organization,  the  account  —  sans  business  documents  — 
goes  with  him.  “This  model  is  little  understood  but  I  think 
will  have  a  profound  impact,”  says  Frank  Gillett,  an  analyst  at 
Forrester  Research. 

With  Office  2013  and  SkyDrive,  Microsoft  has  taken  a  small 
step  toward  creating  a  unified  view  of 
the  user’s  personal  and  professional 
worlds.  It  has  created  synchronized, 
local  versions  of  the  user’s  SkyDrive 
and  SkyDrive  Pro  (SharePoint  docu¬ 
ment  library)  storage  repositories  that 
exist  as  separate  folders  on  the  user’s 
local  desktop.  In  this  way,  Office  365 
can  create  and  modify  documents  in 
the  cloud,  Office  2013  can  read  and 
write  to  the  same  files  in  a  local  folder, 
and  all  changes  will  be  synchronized. 

“There’s  a  convergence  happening  from 
the  user’s  point  of  view,”  says  Microsoft 
storyteller  Steve  Clayton. 

This  strategy  gets  around  the  modal 
approach  to  personal  and  professional 
workflows  —  the  two-car-garage  model 
where  the  user  must  back  out  of  one 
account  bay  and  enter  another  to  view 
and  edit  documents.  Office  applications 
can  save  to  either  folder.  And  if  the  user 
copies  a  document  from  his  personal 
SkyDrive  folder  into  the  SkyDrive  Pro  folder,  that  file  will  be 
copied  back  to  the  cloud,  where  the  policies  for  that  document 
library  will  apply. 

But  only  in  the  cloud.  While  IT  can  control  which  files  users 
can  sync  with  SkyDrive  Pro,  the  cloud  service  can’t  control 
what  users  do  with  the  locally  stored  versions  of  those  files. 
Users  either  must  work  with  sensitive  files  in  the  cloud  only  or 
use  Office  2013’s  Information  Rights  Management  feature  to 
control  forwarding,  copying  or  printing  of  specific  documents. 

“Clearly,  there’s  a  lot  of  change  coming  where  IT  has  to  inte¬ 
grate  these  [personal  cloud  services]  into  the  current  stack  and 
figure  out  how  it  will  work  together,”  says  Amit  Singh,  presi¬ 
dent  of  the  enterprise  unit  at  Google,  which  in  recent  years  has 
added  enterprise  features  to  consumer-based  cloud  applications 
such  as  Google  Docs.  With  the  latter,  individual  documents 
can  be  shared  between  the  controlled,  auditable  professional 
account  and  the  user’s  personal  account.  But  Docs  offers  no 


unified  document  view.  On  the  other  hand,  Google  Plus,  Singh 
says,  “was  imagined  as  a  semipermeable  layer  where  we  add 
controls  for  the  enterprise  from  the  bottom  up.” 

The  Task  at  Hand  for  IT 

But  not  all  consumer-based  cloud  apps  will  necessarily  be  ex¬ 
panded  to  support  enterprise  security  and  compliance  needs. 

As  the  personal  and  professional  worlds  continue  to  blur,  IT 
will  have  to  adapt.  Users  will  want  to  use  some  of  their  own 
personal  cloud-based  productivity  tools,  so  for  better  or  worse,  IT 
will  need  to  support  mainstream  personal  cloud  apps  —  includ¬ 
ing  Dropbox,  says  Gillett.  Going  forward,  he  says,  “you  need  to 
look  at  integrating  employees’  personal  cloud  apps  and  data  in 
the  same  way  you  connect  with  business  partners  today.” 

Ultimately,  IT  will  have  to  stop  worrying  about  how  to  control 
which  applications  people  are  using  or  where  documents  reside 
and  focus  on  protecting  the  documents  themselves,  says  Gartner 
analyst  Ken  Dulaney.  “Companies  will  just  have  to  permit  these 
things  and  take  a  different  look  at  security,”  he  says,  adding  that 

IT  will  eventually  embrace  digital 
rights  management  schemes  such  as 
Microsoft’s  Information  Rights  Man¬ 
agement  service. 

“We’re  working  with  Microsoft 
on  ways  to  support  that  in  a  mobile 
context,”  says  Nicko  van  Someren, 
CTO  at  enterprise  mobile  manage¬ 
ment  vendor  Good  Technology.  But 
the  market  for  the  use  of  rights  man¬ 
agement  servers  to  track  and  control 
content  is  still  embryonic,  he  adds. 

While  DRM  has  a  bad  reputation 
among  consumers,  the  systems  could 
work  for  business,  Dulaney  says.  He 
sees  an  evolution  of  products  similar 
to  WatchDox,  which  encrypts  files 
that  move  outside  of  the  enterprise 
space  and  requires  that  users  have 
an  authenticated  reader  app  to  view 
them.  To  this,  IT  might  also  need  to 
add  public  key  infrastructure  systems 
and  certificates,  Dulaney  says. 

But  if  the  idea  of  DRM  seems  unpalatable  —  and  expensive 
—  the  convergence  of  personal  and  professional  clouds  could 
leave  IT  organizations  with  few  other  options  for  protecting 
truly  sensitive  documents.  IT  departments  will  also  be  faced 
with  the  challenge  of  maximizing  convenience  while  protecting 
those  documents  in  a  world  where  those  assets  need  to  exist  on 
and  move  quickly  between  many  different  endpoint  devices. 

“These  trends  in  consumer  technology  are  so  massive  and 
supported  by  so  many  citizens  that  this  is  now  the  era  of  user- 
driven  IT,”  says  Dulaney.  “It’s  not  business-driven.  The  user  gets 
to  decide.” 

Skanska’s  Roman  says  he  has  no  illusions  that  he  can  ever 
completely  control  all  of  the  applications  and  data  created  and 
shared  in  the  cloud  even  though  the  company  plans  to  offer 
official  cloud  alternatives  and  has  strong  policies  about  the  use 
of  sensitive  documents.  Yes,  you  can  put  policies  and  tools  in 
place.  But  ultimately,  he  says,  “you  have  to  trust  your  users.”  ♦  . 


many  citizens  that 
this  is  now  the  era  of 
user-driven  IT.  It's  not 
business-driven.  The 
user  gets  to  decide. 

KEN  DULANEY,  ANALYST,  GARTNER 


30  COMPUTERWORLD  MAY  20,  2013 


/are 


Call  for  Submissions 

VMware  Innovation  Awards 

—  Submit  Now 

•  Have  you  and  your  team  completed  a  project  that  had 
a  positive  impact  on  your  company  or  industry? 

•  Was  it  a  project  that  helped  to  transform  the  experience 
for  employees  or  customers? 

•  Did  you  and  your  team  complete  the  project  despite  internal 
and  external  challenges? 

•  Have  you  leveraged  VMware’s  technology? 

Then  it’s  time  to  share  your  story  and  gain  recognition  for  your 
leadership.  Nominations  are  now  being  accepted  for  the  first 
annual  VMware  Innovation  Awards,  produced  by  Computerworld. 

The  innovation  categories  are  (multiple  entries  are  accepted): 

—  Driving  Business  Innovation  with  the  Cloud 
—  Enabling  True  Session  Mobility 
—  Leveraging  the  Software-Defined  Data  Center 
—  Transforming  the  Workforce  with  New  Technologies 

Winners  will  be  selected  by  a  prestigious  panel  of  judges 
and  honored  at  VMworld  on  August  27th  in  San  Francisco. 

Get  more  information  and  nominate  your  project: 
http://events.computerworld.com/vmwareawards 


Nomination  deadline:  May  31,  2013 


IT  MANAGEMENT 


Build,  Dismantle, 

REPEAT 


EITH  ROBERTORY  was 

staring  down  a  project  of 
epic  proportions. 

Last  fall,  as  the  East  Coast 
prepared  for  Hurricane 
Sandy  to  strike,  Robertory 
was  planning  to  create  and 
run  an  entire  IT  shop.  He’d  have  only  hours  to 
organize  staff  and  get  systems  running. 


These  CIOs  know  how  to  set  up  IT  operations  quickly  and  take  them  down  just  as  fast. 
Here’s  what  you  can  learn  from  people  who  work  on  the  fly.  by  mary  k.  pratt 

32  COMPUTERWORLD  MAY  20.  2013  n.chol**  »e«  /  6£tty  images 


He  just  needed  to  know  where  to  go. 

Robertory  heads  the  disaster  services  technology  group  at 
the  American  Red  Cross.  It’s  his  job  to  make  sure  Red  Cross  aid 
workers  have  the  on-site  technology  they  need  to  do  their  jobs, 
even  when  a  hurricane  takes  out  everything  else. 

“When  most  people  go  to  an  IT  person  and  talk  about  disaster, 
they’re  picking  up  servers  and  running  away.  We’re  doing  just 
the  opposite.  We’re  taking  equipment  into  the  disasters  where 
infrastructure  is  the  worst,”  he  says. 

Robertory  has  an  unusual  talent  in  a  profession  whose  practi¬ 
tioners  often  talk  about  multiyear  deployments:  He  can  build  and 
dismantle  an  entire  IT  department  on  the  fly. 

“We  assume  there’s  no  infrastructure,  [so  we  ask]:  How  can  we 
get  soup  to  nuts  done?”  he  says. 

Robertory  and  other  IT  executives  who  work  in  similar 
circumstances  say  the  temporary  nature  of  their  operations 
forces  them  to  focus  on  the  essentials  —  the  systems  that  their 
organizations  need  most  in  order  to  be  as 
efficient  and  effective  as  possible.  Their 
lessons  on  how  to  run  successful  IT  shops 
in  extraordinary  situations  cam  be  applied 
in  even  the  most  ordinary  of  conditions. 

Boxed  and  Ready 

For  Robertory,  focusing  on  the  essentiads 
means  quickly  delivering  the  equipment 
and  connectivity  that  aid  workers  need. 

Sometimes,  like  in  the  case  of  Hurricane 
Sandy,  he  knows  up  to  a  week  in  advance 
that  his  services  will  be  required,  even 
if  he  doesn’t  know  exactly  where  they’ll 
land.  Other  times,  he  has  no  warning. 

Either  way,  he’s  ready  to  deliver 
everything  from  Windows  laptops  to 
networking  gear.  “Anything  that  you’d 
see  in  a  normal  office  environment 
we  have  boxed  up  in  ruggedized  cases 
ready  to  go,”  he  says. 

Robertory  keeps  a  mix  of  technolo¬ 
gies  in  the  cases  to  ensure  that  his  teams 
can  get  something  up  and  running 
fast.  If  land  line  phones  don’t  work,  for 
example,  they  can  go  with  cellular  or 
satellite.  As  part  this  modular  approach,  he  adds  new  technologies 
that  seem  to  make  sense  while  retaining  those  that  have  per¬ 
formed  well  in  the  past. 

The  cases  are  shipped  to  disaster  zones,  where  volunteers  who 
make  up  Robertory’s  on-the-ground  IT  teams  set  up  shop.  In  the 
Hurricane  Sandy  response  effort,  volunteers  built  the  IT  infra¬ 
structure  at  a  staging  area  in  White  Plains,  N.Y.,  and  used  satellite 
communications  until  they  had  data  circuits  pulled  in.  The  setup 
was  later  moved  to  a  vacant  floor  in  a  Manhattan  building,  where 
the  Red  Cross  could  use  the  existing  network  infrastructure. 

The  equipment  comes  with  detailed  instructions  for  volunteers 
to  follow.  Robertory  says  the  goal  is  to  have  a  clear,  concise  plan 
so  volunteers  don’t  get  bogged  down.  “We  have  a  15-minute  rule. 
If  it  takes  you  more  than  15  minutes  to  figure  something  out,  ask 
for  help  or  [work  on  another  piece  of  equipment].  We  just  keep 
moving.  That’s  one  of  the  secrets  to  our  success,”  he  says. 


Ready  to  Scale -Fast 

Not  surprisingly,  speed  is  a  common  priority  for  most  temporary 
IT  shops.  Just  ask  Michael  Slaby. 

Slaby  served  as  CTO  for  Barack  Obama’s  2008  presidential 
campaign  and  as  CIO  for  Obama’s  2012  campaign  for  a  second 
term.  In  the  re-election  effort,  he  oversaw  the  entire  IT  opera¬ 
tion,  from  analytics  to  security,  starting  work  in  early  2011  and 
continuing  through  nearly  all  of  2012.  He  built  an  IT  department 
that  served  thousands  of  workers  in  that  two-year  period  —  but 
he  knew  that  it  would  all  go  away  in  the  end. 

“The  challenge  is,  you’re  optimizing  for  very  different  things 
than  you  are  in  a  permanent  enterprise,”  he  says.  “It’s  hard  to  plan 
ahead,  it’s  hard  to  know  when  you’ll  scale,  but  you  know  it  will  be 
big  and  it  will  be  fast,  so  you  have  to  optimize  for  speed.” 

Although  speed  was  paramount,  Slaby  still  had  to  keep  spend¬ 
ing  under  control  and  he  had  to  guarantee  that  everything  would 
work  well.  And  he  had  to  be  sure  he  supported  the  organization’s 

mission.  “How  does  this  help  us  win? 
That’s  the  question  we  filter  every¬ 
thing  through,”  he  says. 

Slaby  says  understanding  those 
parameters  allowed  him  to  make  the 
decisions  that  worked  best  for  his  orga¬ 
nization.  He  teamed  up  his  engineer¬ 
ing  and  infrastructure  staff  to  ensure 
they  worked  together  and  integrated 
systems  as  quickly  as  he  needed.  He 
used  cloud  applications  for  almost  all 
the  Web  infrastructure  as  well  as  other 
applications  because  he  says  it  offered 
the  speed  and  stability  he  required. 

Those  guidelines  also  helped  him 
decide  what  he  could  skip,  even 
if  it  meant  violating  standard  IT 
best  practices  —  it  was,  after  all,  a 
temporary  shop.  For  example,  Slaby 
says  he  built  in  security  “but  didn’t 
get  bogged  down  in  the  idea  that 
we  needed  a  perfect  tool.”  He  didn’t 
develop  a  thorough  disaster  recovery 
plan  but  instead  had  redundancy 
only  for  some  key  systems.  And  he 
didn’t  offer  training  and  development 
for  staff  or  volunteers.  “We  didn’t  have  time  for  hand-holding,” 
he  says,  noting  that  he  generally  found  people  with  broad  skill 
sets  more  valuable  than  specialists  who  couldn’t  be  moved  when 
needs  shifted. 

A  staff  with  a  breadth  of  expertise  is  required,  Slaby  and  others 
say,  because  these  IT  setups  do  indeed  run  enterprises,  just  as 
permanent  IT  shops  do.  While  the  infrastructure  may  have  a 
much  shorter  life  span,  the  need  for  it  to  operate  smoothly  is  no 
less  important  in  these  temporary  situations. 

Putting  on  the  Games 

At  the  busiest  point  of  his  four-year  tenure  as  CIO  for  the  London 
2012  Olympics  and  Paralympics,  Gerry  Pennell  had  400  paid 
staffers,  2,500  contractors  and  3,000  volunteers  working  in  the 
IT  operation  he  oversaw. 

When  he  started  in  November  2008  with  a  debriefing  from 


people  go 
to  an  IT  person  and  talk 

abourdisastei^ney’re 
picking  up  servers  and 
running  away.  We’re 
doing  just  the  opposite. 
We’re  taking  equipment 
into  the  disasters  where 
infrastructure  is  the  worst 

KEITH  ROBERTORY,  DISASTER  RESPONSE 
EMERGENCY  COMMUNICATIONS  MANAGER, 

THE  AMERICAN  RED  CROSS 


COMPUTERWORLD.COM  33 


IT  MANAGEMENT 


Advice  From  the  Front  Lines 


One  of  the  powers  of  the 
Games  is  that  it  gives 
everyone  a  shared  goal, 
to  get  to  that  end  result. 
That’s  something  you  have  to  work 
harder  at  in  other  situations.  Another 
takeaway:  By  having  to  box  everything, 
you  remove  some  of  the  traps  that 
IT  departments  fall  into  -  over¬ 
elaborating  or  putting  in  too  many 
bells  and  whistles.  That  was  something 
of  a  learning  point. 

-  GERRY  PENNELL,  CIO  FOR 

THE  LONDON  2012  OLYMPICS  AND 
PARALYMPICS 


You  have  to  figure  out 
the  balance  for your 
organization  -  the  balance 
between  agility  and 
stability.  We  tend  to  over-optimize 
for  stability  and  that  makes  us  less 
innovative  as  a  result.  Striking  that 
balance?  There’s  no  magic  formula;  it’s 
different  for  every  organization  and 
every  culture.  It’s  what’s  appropriate 
for  what  you’re  trying  to  do. 

-  MICHAEL  SLABY,  CIO  FOR 

PRESIDENT  BARACK  OBAMA’S 
2012  CAMPAIGN  AND  CTO  FOR 
OBAMA'S  2008  CAMPAIGN 


Find  a  way  to  get  your 
technology  people  to  under¬ 
stand  and  do  the  mission. 
Through  disaster  work, 
that’s  where  l  get  our  corporate  technol¬ 
ogy  people  to  feel  passion  about  our 
mission.  Day  to  day,  they  might  be  fixing 
computers,  but  if  I  ship  them  out  to  a 
disaster,  they  see  the  clients  we’re  help¬ 
ing.  You  should  be  able  to  find  some¬ 
thing  to  be  proud  of  wherever  you  work. 

-  KEITH  ROBERTORY, 

DISASTER  RESPONSE  EMERGENCY 
COMMUNICATIONS  MANAGER 
FOR  THE  AMERICAN  RED  CROSS 


the  team  that  had  just  run  IT  at  the  Summer  Olympics  in  Beijing, 
he  had  about  a  dozen  staff  members  and  some  support  from  the 
International  Olympic  Committee.  He  capped  off  his  term  in 
November  2012  by  meeting  with  the  team  that  will  handle  IT  for 
the  2016  summer  games  in  Rio  de  Janeiro. 

Like  any  CIO,  Pennell  supported  a  typical  office  infrastructure 
that  included  accounting,  email  and  knowledge  management 
systems,  among  others.  He  was  also  responsible  for  the  systems 
used  in  the  actual  athletic  events  and  those  that  supported  the 
needs  and  interests  of  participating  athletic  teams,  journalists, 
attendees  and  fans  around  the  world. 

And  just  like  other  CIOs,  Pennell  says  he  had  to  determine 
where  to  incorporate  new  technologies  and  where  to  stick  with 
more  proven  applications,  and  when  to  buy  off  the  shelf  and 
when  to  build  his  own  tools. 

“I  started  from  a  perspective  to  minimize  risk  as  much  as  I 
could,  so  we  went  with  proven  technology  as  long  as  there  was 
not  a  reason  not  to,”  he  says.  Pennell  says  he  didn’t  want  to  risk  a 
wide-scale  failure  with  the  whole  world  watching. 

However,  Pennell  says  he  did  incorporate  new  technologies 
into  his  enterprise,  mostly  for  mobile  systems,  which  he  accom¬ 
modated  by  building  the  world’s  highest-density  Wi-Fi  network  in 
London’s  Olympic  Park. 

Pennell  says  the  brief  life  span  of  his  IT  infrastructure  gener¬ 
ally  wasn’t  a  consideration  when  it  came  to  choosing  security 
systems.  “If  you  can  get  technology  working  for  a  day,  you  can 
make  it  work  for  a  year  —  and  the  reverse  is  true,”  he  explains. 

The  shortened  life  cycle  did,  however,  affect  his  implementa¬ 
tion  schedule.  Like  Slaby  and  Robertory,  he  didn’t  have  the  luxury 
of  time.  “Most  organizations  can  roll  out  in  drips  and  tweak  as 
they  go  along,”  he  says.  “The  Olympics  mean  that  you’re  switch¬ 
ing  everything  on  on  the  same  day.  You  have  to  be  able  to  recover 
from  situations  when  they  occur.  That’s  the  big  difference.” 

He  worked  backward  from  the  endpoint  to  schedule  de¬ 
ployment  and  testing  to  ensure  everything  would  be  ready  by 


summer  2011,  when  preliminary  events  were  scheduled.  Such 
time  pressures  can  test  even  the  most  experienced  IT  depart¬ 
ments,  and  Pennell  acknowledges  that  the  tight  schedule  was  one 
of  the  biggest  challenges  he  faced. 

“Most  IT  departments  have  a  long  history  of  how  they  do 
things  and  usually  come  up  with  written  methodologies.  We  had 
none  of  that,  and  we  had  people  from  different  backgrounds  — 
retail,  banking,  the  public  sector  —  and  no  real  shared  way  of 
doing  things.  And  we  didn’t  have  time  to  invest  in  methodolo¬ 
gies,  so  we  put  time  into  governance  and  communication,”  he 
says.  “What  it  demonstrated  for  me  is  that  governance  and  com¬ 
munication  are  more  important.” 

During  the  Olympics  project,  Pennell  says,  governance  was  all 
about  managing  milestones,  putting  strict  time  frames  around 
the  work  and  making  sure  that  everyone  understood  the  goals 
and  their  roles  in  meeting  them. 

He  says  working  for  the  Olympics  was  a  big  draw  for  people, 
so  his  team  of  paid  workers,  contractors  and  volunteers  was  mo¬ 
tivated.  Still,  he  made  sure  that  his  IT  department  had  identified 
roles  and  responsibilities  along  with  job  descriptions  and  annual 
reviews.  Understandably,  they  skipped  long-term  goal-setting, 
but  Pennell  and  his  team  did  map  out  how  jobs  would  morph 
over  the  course  of  the  four  years  as  operations  moved  from  plan¬ 
ning  to  implementation  to  actually  running  the  show. 

His  workers  even  got  support  when  the  enterprise  was 
dismantled.  As  leased  equipment  went  back  to  suppliers  and  pur¬ 
chased  goods  went  back  to  vendors  that  prepared  them  for  resale 
or  donation,  staffers  worked  with  human  resources  professionals 
hired  to  help  them  write  resumes  and  search  for  jobs. 

It  was  a  hard  stop  for  the  workers  after  all  that  racing,  but 
Pennell  says  their  Olympic  performance  proved  they  have 
stamina.  After  a  run  like  that,  he  says,  the  day-to-day  operations 
of  the  standard  IT  department  don’t  seem  so  daunting.  ♦ 

Pratt  is  a  Computerworld  contributing  writer  in  Waltham,  Mass. 
Contact  her  at  marykpratt@verizon.net. 


34  COMPUTERWORLD  MAY  20.  2013 


Personalized  IT  newsletters 
from  Tech  Dispenser. 

You  pic  the  topics. 

You  pick  the  s  urces. 

You  pick  he  frequency. 

Build  your  own  newsletter  featuring  your  favorite 
technology  topics  -  cloud  computing,  application 
dev  dopment,  security  -  over  200  timely  topics,  from 
me  re  than  7C  truste  sources. 


Get  started  today.  It's  free, 

/ww.techdispen:  er.com 

TECH  Q  DISPENSER 


Disturbingly  personal  newsletters 


Moving  to  Better  Access  Control 

A  NAC  initiative  so  far  has  revealed  a  whole  lot  of  devices 
that  don’t  meet  the  criteria  for  getting  on  the  network. 


ANOTHER  STEP  in  our  relent¬ 
less  march  toward  better  se¬ 
curity:  A  couple  of  weeks  ago, 
our  network  access  control 
(NAC)  initiative  moved  to 
initial  deployment. 

Our  main  goal  with  NAC  is  to  restrict 
the  access  of  unauthorized  devices 
to  certain  segments  of  our  corporate 
network.  Several  times,  noncorporate 
devices  connected  to  our  corporate 
network  introduced  malware  or  were 
found  to  contain  some  of  our  intellectual 
property.  We  have  a 
corporate  policy  that 
prohibits  the  use  of 
personal  devices  on  our 
network,  but  without 
NAC,  we  couldn’t  ef¬ 
fectively  enforce  it. 

With  the  initial  deployment,  we’re 
focusing  on  end-user  access  points:  the 
wired  ports  and  wireless  hubs  in  our 
offices,  as  well  as  the  VPN.  These  are  a 
higher  priority  than  securing  our  produc¬ 
tion  server  networks  and  the  engineer¬ 
ing  and  test-and-development  network 
segments  in  the  data  center.  We’ll  get  to 
those  later. 

We  chose  a  NAC  tool  with  a  central¬ 
ized  management  console  that  monitors 


every  switch  port  on  the  VLANs  serving 
our  50-plus  offices  around  the  world. 
With  such  far-flung  facilities,  this  is  more 
cost-effective  than  installing  appliances 
at  every  location. 

I’m  sure  you  know  how  NAC  works. 
Any  device  that  connects  to  a  switch 
port  or  authenticates  to  the  network  via 
802. ix  is  interrogated  before  it  is  granted 
network  access.  Most  of  our  authorized 
devices  are  Windows  PCs.  If  a  PC  is 
seeking  access,  we  first  want  to  deter¬ 
mine  if  it  is  a  member  of  our  domain. 

Next,  we  check  that  it’s 
running  our  systems 
management  software. 
For  now,  we’re  assum¬ 
ing  that  any  PC  that 
passes  that  test  is  up  to 
date  with  patches  and  endpoint  protec¬ 
tion.  Eventually,  we  might  directly  inter¬ 
rogate  the  device  about  those  things,  but 
for  now  we’re  going  to  be  satisfied  with 
this.  PCs  with  the  systems  management 
software  will  be  allowed  to  connect  to 
the  corporate  network.  Others  will  be 
halted  and  given  some  options:  install 
the  required  software,  be  placed  on  a 
segmented  network  to  facilitate  that,  or 
be  given  access  to  our  guest  network  for 
limited  Internet  access. 


Trouble 

Ticket 


Network 

access  control  is  ready 
for  deployment. 


Move 

slowly  so  as  not  to 
disrupt  the  business  with 
sudden  tight  controls. 


In  practice,  this  means  that  if  a  PC  is 
a  domain  member  but  isn’t  running  the 
systems  management  software,  we  may 
elect  to  install  the  software.  On  the  other 
hand,  if  a  PC  is  not  a  domain  member 
(for  example,  one  that  has  been  brought 
in  from  home  or  by  a  vendor’s  rep)  but  is 
up  to  date  with  patches  and  is  running 
an  antivirus  client,  we  may  decide  to 
grant  access  to  the  guest  network.  That 
option  would  still  give  a  vendor’s  rep 
access  to  the  Internet  in  order  to  provide 
product  demos. 

Other  Devices 

We  have  a  few  corporate-sanctioned 
Linux  machines  and  Macs.  To  control 
their  access  to  the  corporate  network,  we 
could  install  a  NAC  agent  on  each  device, 
create  exceptions  by  registering  the 
devices’  MAC  addresses  or  obtain  each 
device’s  SSH  key  so  that  the  NAC  tool 
can  interrogate  the  device.  As  for  iPads, 
iPhones  and  Android  mobile  devices, 
they  will  be  routed  to  the  guest  network 
unless  they  connect  via  a  VPN  client. 

At  this  point  in  our  NAC  deployment, 
we’re  only  monitoring  the  activity  and 
not  actually  enforcing  network  lockouts, 
so  as  not  to  disrupt  business  activity. 

It’s  a  good  thing,  too,  since  a  whole  lot 
of  devices  are  failing  to  meet  even  our 
initial  security  policy.  In  initial  monitor¬ 
ing,  more  than  40%  of  the  Windows 
PCs  could  not  be  properly  interrogated. 
Many  of  them  were  domain  members, 
but  we  could  not  determine  if  they 
were  running  the  systems  management 
software.  This  will  have  to  be  looked 
into,  as  will  the  plethora  of  Linux  and 
Apple  devices  that  are  connected  to  the 
network  but  are  not  corporate  owned.  ♦ 
This  week’s  journal  is  written  by  a  real 
security  manager,  “Mathias  Thurman,” 
whose  name  and  employer  have  been 
disguised  for  obvious  reasons.  Contact  him 
at  mathias_thurman@yahoo.com. 


We  have  a  policy  that  prohibits  the  use  of 
personal  devices,  but  we  couldn’t  enforce  it 


the  discussions  about 
security!  computerworld.com/ 
blogs/security 


36  COMPUTERWORLD  MAY  20,  2013 


The  Compi  terworld  Linkedln  Forum 
is  a  community  for  all  t  ngs  IT : 
news,  analysis  and  discussion  about 
tc  pics  within  IT,  including  caree  3, 
management  and  hot  topics, 

If  you  are  an  enterprise  IT  actitioner 
at  any  level  we’d  love  to  have  you  join. 


Apply  for  membership  today  at 

www.computerworld.com/linkedin 


on  Linked  in 


Avoid  IT  Audit  Nightmares 


Because  of  SOX, 
IT  problems  are 
now  appearing  in 
Ms  as ‘material 
weaknesses.’ 


Bart  Perkins  is 

managing  partner 
at  Louisville,  Ky.- 
based  Leverage 
Partners,  which  helps 
organizations  invest 
well  in  IT.  Contact 
him  at  BartPerkins® 
LeveragePartners.com. 


0  ORGANIZATION  wants  its  problems  announced  to  the  whole 
world.  In  IT,  when  something  goes  wrong,  our  inclination  is  to 
tell  the  internal  people  who  need  to  know  while  at  the  same 
time  communicating  our  plan  to  resolve  the  problem.  But  such 


discretion  is  no  longer  viable.  Because  of  regula¬ 
tions  under  the  Sarbanes-Oxley  Act,  IT  problems 
are  now  appearing  in  10-Ks,  as  “material  weak¬ 
nesses.”  That  phrase  could  indicate  that  enterprise 
financial  data  is  inaccurate.  Yikes! 

The  Federal  Home  Loan  Mortgage  Corp. 
(Freddie  Mac)  encountered  this  nightmare  in  its 
2011  and  2012  io-Ks.  Auditors  stated  that  mate¬ 
rial  weaknesses  existed  in  Freddie  Mac’s  inter¬ 
nal  financial  reporting  controls.  The  2011 10-K 
acknowledged  the  weaknesses,  asserting  that  they 
resulted  from  the  conservatorship  imposed  during 
the  financial  crisis.  The  2012  10-K  stated  that  the 
2011  problems  were  “related  to  our  inability  to  ef¬ 
fectively  manage  information  technology  changes 
and  maintain  adequate  controls  over  informa¬ 
tion  security  monitoring,  which  resulted  from 
increased  levels  of  employee  turnover.” 

Such  public  confessions  attract  unwanted  scru¬ 
tiny  from  executive  management  and  the  board. 
Their  concern  is  well  founded.  Freddie  Mac’s  10-K 
filings  contributed  to  a  free  fall  of  its  stock. 

Freddie  Mac’s  IT  challenges  are  hardly  unique. 
In  its  2012  10-K,  it  stated,  “Our  core  systems 
and  technical  architecture  include  many  legacy 
systems  and  applications  that  lack  scalability  and 
flexibility.”  Later,  Freddie  Mac  added  that  its  ac¬ 
counting  systems  “lack  sufficient  flexibility”  and 
went  on  to  explain  that  “this  requires  us  to  rely 
more  extensively  on  spreadsheets  and  other  end- 
user  computing  systems.” 

If  any  of  this  sounds  familiar,  start  addressing 
the  issues  now  to  prevent  being  cited  in  a  future 
10-K.  Here  are  some  ways  to  do  that: 

■  Take  audits  seriously.  Annual  audits  assess 
incident  management,  change  management. 


availability  management  and  other  internal  IT 
controls,  resulting  in  a  list  of  “findings.”  But 
auditors  often  fail  to  assign  relative  importance  to 
those  findings,  leaving  IT  to  set  priorities.  Because 
fixing  audit-related  issues  generally  receives 
far  less  emphasis  than  other  projects,  the  same 
issues  might  remain  on  the  list  for  years.  This  is  a 
mistake.  Change  your  attitude,  and  consider  the 
audit  an  opportunity  to  determine  how  well  IT 
functions  and  supports  the  enterprise. 

■  Develop  an  “insurance”  business  case.  One 
thing  that  puts  projects  that  address  audit  find¬ 
ings  on  the  back  burner  is  that  they  don’t  directly 
affect  profits.  That  makes  them  unsuitable  to  a 
traditional  business  case  structure.  You  need  to 
make  an  “insurance”  business  case,  arguing  that 
an  investment  is  warranted  because  the  impact  of 
a  potential  event  is  so  catastrophic.  This  approach, 
commonly  used  for  SOX  compliance  and  business 
continuity  plans,  can  be  used  to  justify  funding 
necessary  to  address  known  IT  weaknesses. 

■  Reinforce  IT’s  operational  importance.  Most 
executives  and  board  members  know  that  finan¬ 
cial,  HR  and  other  operational  systems  depend  on 
IT.  But  those  systems  aren’t  sexy,  and  they  aren’t 
market  differentiators,  so  they  tend  to  be  taken 
for  granted.  Big  mistake.  When  roads  and  bridges 
deteriorate,  transportation  slows.  Similarly,  crum¬ 
bling  operational  systems  slow  the  enterprise’s 
ability  to  do  business  on  a  day-to-day  basis. 

IT  material  weaknesses  in  a  10-K  paint  a  bull’s- 
eye  on  the  CIO’s  forehead.  Top  management 
might  even  decide  it’s  easier  to  outsource  IT  than 
to  fix  it.  Not  good.  Identify  and  correct  IT  issues 
before  they  land  in  the  public  eye.  Or  start  updat¬ 
ing  your  resume.  ♦  / 


38  COMPUTERWORLD  MAY  20,  2013 


® 


dtSearch 


The  Smart  Choice  for  Text  Retrieval  ^  since  1991 


Instantly  Search 
Terabytes  of  Text 

•  25+  fielded  and  full-text  search  types 

•  dtSearch's  own  document  filters  support  "Office," 

PDF,  HTML,  XML,  ZIP,  emails  (with  nested  attachments), 

—and  many  other  file  types 

•  Supports  databases  as  well  as  static  and  dynamic  websites 

•  Highlights  hits  in  all  of  the  above 

•  APIs  for  .NET,  Java,  C++,  SQL,  etc. 

•  64-bit  and  32-bit;  Win  and  Linux 

Ask  about  fully-functional  evaluations 

www.dtSearch.com  i-800-it-finds 


MARKETPLACE 

'lightning  fast" 

Redmond  Magazine 

"covers  all  data  sources" 

eWeek 

"results  in  less  than  a  second" 

InfoWorld 

hundreds  more  reviews 
and  developer  case  studies 
at  www.dtsearch.com 


dtSearch  products: 

^  Desktop  with  Spider 

♦  Network  with  Spider 

♦  Publish  (portable  media) 

Web  with  Spider 

♦  Engine  for  Win  &  .NET 

♦  Engine  for  Linux 

%>v  Document  filters  also  available 
for  separate  licensing 


mm&itsmmifAi 


•msMi 


Make  the  Most  Out  of  Your  Advertising  Budget. 
Reach  Computerworld’s  Targeted  Audience. 

94%  of  those  surveyed  said  they  take  one  or  more  actions  as  a  result  of  seeing  an  advertisement, 

with  75%  visiting  an  advertiser’s  website.* 


The  Marketplace  section  of 


COMPVTERWORLD 

Contact  Enku  Gubaie  for  more  details. 
508.766.5487 

Source:  *Harvey  Ad  Measurement  Study,  ,  .  , 

computerworid  May  io,  2010  egubaie@idgenterprise.com 


COMPUTERWORLD.COM  39 


FOTOLIA 


Q&A 


The  Value  of  Hailing 


Most  IT  professionals  are  not  in 
the  habit  of  negotiating  salary 
when  accepting  a  new  job  offer, 
according  to  Dice.com.  In  the 

April  issue  of  the  Dice  Report,  Tom 
Silver,  senior  vice  president  at  the 
job  site,  said  that  most  of  the  838 
hiring  managers  and  recruiters  that 
Dice  asked  about  this  said  most 
tech  professionals  accept  the  first 
offer,  with  no  haggling.  Silver  noted 
that  when  the  hiring  managers  and 
recruiters  were  asked  how  much 
they  increased  the  salary  offer, 
on  average,  when  a  job  candidate 
negotiated,  the  most  common  re¬ 
sponse  was  5%.  That,  he  calculated, 
adds  up  to  over  $4,000  for  an  IT  pro 
making  the  average  U.S.  salary. 


THE  CHANCES  OF  HEARING  ‘NO’ 

When  a  job  candidate  asks  to  negotiate  salary, 
how  often,  on  average,  does  your  company  (or 
one  of  your  client  companies )  increase  the  offer? 


Very  frequently: 
6% 


Peter 

Cannone 


The  CEO  of  OnForce  on  the 
technology  consulting  work  force. 


Is  the  IT  contracting  workforce  growing?  Business  growth  un¬ 
certainty  has  greatly  accelerated  companies’  use  of  the  IT  contract 
workforce,  and  we  expect  this  trend  to  continue.  A  recent  study 
by  MBO  Partners  forecasts  that  independent  workers  will  account 
for  more  than  50%  of  the  workforce  by  2020.  At  OnForce,  we  see 
about  700  applications  from  service  techs  each  month  -  and  this 
is  purely  from  word  of  mouth,  no  advertising. 

When  the  recession  hit,  many  companies  had  to  lay  off  staff, 
and  those  that  held  on  to  idle  employees  racked  up  significant 
losses.  The  memories  are  vivid  and  personal.  Now  these  com¬ 
panies  have  low  confidence  in  their  ability  to  predict  what  the 
future  holds.  As  a  result,  independent  workers  and  small  IT  com¬ 
panies  have  become  a  key  part  of  how  work  gets  done,  greatly 
increasing  the  demand  for  (and  number  of)  IT  contractors. 


Is  the  economy  behind  the  growth,  or  is  it  something  else? 

The  economy  definitely  drove  the  initial  shift  toward  indepen¬ 
dent  contractors,  but  tech  innovation  has  taken  the  driver’s  seat 
at  this  point. 

Service  companies  are  taking  on  new  types  of  work,  such  as 
mobile  devices  and  networks,  and  they’re  using  contractors  to 
get  it  done.  Companies  can  maintain  a  larger  pool  of  technicians, 
tapping  specialized  experts  for  whatever  key  skills  are  needed 
for  today’s  project,  rather  than  relying  on  employee  generalists. 

What  sort  of  IT  professional  is  best  suited  for  life  as  a 
contractor  -  that  is,  which  skills  are  in  demand,  and  what 
personality  adapts  well  to  the  contracting  life?  For  some. 

becoming  an  independent  contractor  is  looking  like  a  better 
choice  all  the  time.  There  are  three  key  factors  for  this:  desire  for 
independence,  erosion  of  the  employee  value  proposition  (e.g., 
lack  of  job  security,  disappearing  pensions,  threatened  health¬ 
care  coverage)  and  the  rapid  pace  of  technological  change. 

In  fact,  one  of  our  most  recent  surveys  with  our  community  of  in¬ 
dependent  contractors  uncovered  that  60%  of  them  willingly  joined 
the  independent  workforce,  and  56%  wouldn’t  consider  working  for 
someone  else,  even  if  the  salary  and  benefits  were  comparable. 

Every  prospective  independent  contractor  needs  to  be  hon¬ 
est  with  himself  about  whether  he  has  the  necessary  technical 
know-how.  He  also  needs  to  be  up  for  the  challenges  of  finding 
work  and  making  sure  he  gets  paid  in  a  timely  way  for  the  work 
he  has  completed. 

In  addition,  independent  contractors  need  top-notch  listening 
and  problem-solving  skills,  as  well  as  a  true  passion  for  what 
they  do.  The  job  involves  dealing  with  new  tasks,  a  wide  variety 
of  customer  demands  and  unexpected  problems  daily.  Contrac¬ 
tors  have  to  be  up  for  anything  to  build  a  successful  business. 

Perhaps  even  more  challenging  is  keeping  pace  with  technology. 
Independent  contractors  have  to  supplement  existing  skills  with 
new  ones  on  a  regular  basis  -  and  to  stay  focused  and  current,  they 
really  have  to  love  what  they  do. 


40  COMPUTERWORLD  MAY  20.  2013 


IT  careers 


Interested  candidates  send 
resume  to:  Google  Inc.,  PO  Box 
26184  San  Francisco,  CA  94126 
attn:  Keeshia  Moultrie.  Please 
reference  job  #  below: 

User  Interface  Designer  (Venice, 
CA)  #1615.4996  Define  the  user 
model  and  user  interface  for  new 
and  existingGoogle  products  and 
features.  Exp  incl:  Adobe 
Photoshop,  Illustrator, 

Dreamweaver,  After  Effects, 
Acrobat,  OmniGraffle,  &  Flash; 
Microsoft  Office  sw;  create  pro¬ 
totypes  w/  Jscript,  jQuery  &/or 
Hype;  HTML5;  &  CSS3. 

SW  Engineer  (Venice,  CA) 
#1615.3807  Design,  develop, 
modify,  and/or  test  software 
needed  for  various  Google  pro¬ 
jects.  Exp  incl:  C++;  Linux  and 
UNIX;  F*ython,  Java,  &  Matlab; 
Computer  Vision;  &  mach  learn. 


Interested  candidates  send 
resume  to:  Google  Inc.,  PO  Box 
26184  San  Francisco,  CA  94126 
attn:  Keeshia  Moultrie.  Please 
reference  job  #  below: 

Software  Engineer  Positions  (NY, 
NY)  Design,  develop,  modify, 
and/or  test  software  needed  for 
various  Google  projects.  Exp  incl: 
#1615.1091:  web  dvlpmnt;  cli¬ 
ent-side  technologies;  internet 
browsers;  web  perf;  web  stan¬ 
dards;  stat  analysis  on  large 
audiences  &  datasets;  &  C++, 
Jscript,  &  Python. 

#1615.4095  highly-spatial  data; 
optimize  &  visualization;  oo  pro¬ 
gram  &  multi-thread  syst;  C  &  C+ 
+;  Python,  Git,  &  Java;  &  web 
dvlpmnt,  incl  HTML,  CSS,  & 
Jscript. 


Interested  candidates  send 
resume  to:  Google  Inc.,  PO  Box 
26184  San  Francisco,  CA  94126 
attn:  Keeshia  Moultrie.  Please 
reference  job  #  below: 

Ad  Serving  Technical  Specialist 
(San  Francisco,  CA) 
#1615.3564  Function  as  the 
internal  or  client-facing  Google 
product  expert.  Exp  incl:  Python 
or  Java;  SQL;  &  HTML,  HTTP 
Protocols,  &  Jscript. 

Software  Engineer  (San 
Francisco,  CA)  Design,  develop, 
modify,  and/or  test  software 
needed  for  various  Google  pro¬ 
jects.  Exp  incl:  #1615.5228 
Python;  MySQL;  Linux  syst 
admin;  backend  appl  monitor  & 
troubleshoot;  Apache  HTTP 
Server  or  nginx  HTTP  Server; 
Algorithms;  sw  design;  &  Restful 
API  design. _ 


Interested  candidates  send 
resume  to:  Google  Inc.,  PO  Box 
26184  San  Francisco,  CA  94126 
Attn:  Keeshia  Moultrie.  Please 
reference  job  #  below: 

Software  Engineer  Positions 
(Kirkland,  WA)  Design,  develop, 
modify,  and/or  test  software 
needed  for  various  Google  pro¬ 
jects.  Exp  incl: 

#1615.1250:  C,  C++,  Java,  or 
Objective-C;  multithread;  oo  pro¬ 
gram;  dvlpmnt  of  high-perf  code; 
data  struct;  &  algorithms. 
#1615.975:  C,  C++,  Java, 
Python,  XML,  &  HTML;  algo¬ 
rithms  design,  analysis,  &  imple¬ 
ment;  oo  design;  &  design  & 
implement  large  scale  web  svcs. 


Electronic  Engineer  (Embedded 
SW)  (Springfield,  TN):  Design  & 
dvlpmt  of  new  software  for 
advanced  induction  cooking 
product  as  well  do  maintenance 
activities  for  induction  products 
already  in  production.  Create  reli¬ 
able  &  cost  efficient  SW/HW 
solutions  in  compliance  w  inter¬ 
nal  &  external  dvlpmt  guidelines. 
Ensure  syst  design  is  in  compli¬ 
ance  w  safety  &  EMC  standards. 
Create  SW  architecture,  tech¬ 
nical  specs  &  SW  dvlpmt  docu¬ 
mentations,  as  well  as  EMC  tests 
&  power  performance  of  induc¬ 
tion  generators.  Observe  elec¬ 
tronic  market  &  trend  of  induction 
tech  &  ensure  success  of  new 
components  &  new  tech  integra¬ 
tion  in  products.  Reqmt:  Master’s 
degree  or  equiv  in  Electronics, 
Electrical  Engg,  Comp  Engg,  or 
rel  field.  2  yrs  of  exp  in  job 
offered  or  rel  occupations  of  SW 
Engineer  or  Electrical  Engineer. 
Exp  must  include  SW  design  & 
development  in  embedded  sys¬ 
tem  &  firmware,  embedded  C  & 
assembly  language.  Exp  must 
also  include  SW  project,  HW/SW 
integration,  debuggers,  simu¬ 
lators  &  analyzers  in  embedded 
SW  dvlpmt.  Exp  in  SW  dvlpmt  of 
PC-based  simulators  &  test  tools, 
as  well  as  SW  evaluation  &  func¬ 
tion  validation  required.  We  offer 
competitive  salaries  &  benefits. 
Please  email  resumes  to 
mike.norton@electrolux.com. 


Looking  for  a 
challenging  IT  Career, 
shouldn’t  be 
such  a  challenge. 


Check  back  with  us  weekly  for  fresh  list¬ 
ings  placed  by  top  companies  looking  for 
skilled  professionals  like  you! 


Interested  candidates  send  resume  to:  Google  Inc.,  PO  Box  26184  San 
Francisco,  CA  94126  Attn:  Keeshia  Moultrie.  Please  reference  job  #  below: 
Software  Engineer  in  Test  Positions  (Mountain  View,  CA)  Design,  develop, 
modify,  and/or  test  software  needed  for  various  Google  projects.  Exp  incl: 
#1615.5499  dvlpmnt  of  diagnostic  &  monitor  syst;  design  &  dvlpmnt  of  test 
&  production  sw  of  prototype  hw  syst;  dvlpmnt  of  distrib  test  &  report  syst; 
code  reviews;  program  in  C,  C++,  Python,  or  assembly;  srvr-class  CPU 
architectures;  UNIX  or  Linux;  device  drivers;  file  syst;  &  firmware. 
#1615.4203:  C  &/or  C++;  Jscript;  Java;  STL  &  Linux;  &  algorithms. 

User  Experience  Researcher  (Mountain  View,  CA)  #1615.775  Research 
user  experience  aspects  of  Google  products.  Exp  incl:  integration  of  user 
research  into  prod  designs  &  design  practices;  SQL,  Python,  SPSS  & 
remote  usability  test  tools,  incl  Keynote  or  UserZoom;  &  stats  and  principles 
of  experiment  design. 

Partner  Technology  Manager/Product  Manager  (Mountain  View,  CA) 
#1615.1037  Take  responsibility  for  Google  Product  from  conception  to 
launch.  Exp  incl:  dvlpmnt  of  Internet  Prod  &  technologies,  incl  ntwrk  tech¬ 
nologies,  incl  XML,  HTML,  Jscript,  Unix  or  Linux;  program  lang,  incl  C,C++, 
or  Java;  &  work  in  customer-facing  role. 

Test  Engineer  (Mountain  View,  CA)  #1615.755  Design,  develop,  modify, 
and/or  test  software  needed  for  various  Google  projects.  Exp  incl:  dvlpmnt 
&/or  test  automation;  C,  C++,  C#,  or  Java;  Python,  Perl,  or  Shell;  &  web- 
based  appl  automation. 

User  Interface  Designer  (Mountain  View,  CA)  #1615.2474  Define  the  user 
model  and  user  interface  for  new  and  existing  Google  products  and  fea¬ 
tures.  Exp  incl:  design  across  multiple  devices  &  pltfrms;  Apple  iOS  or 
Android  Ul  guidelines;  CSS  &  HTML;  &  Adobe  Photoshop  or  Fireworks. 

Site  Reliability  Engineer  (Mountain  View,  CA)  #1615.5431  Provide  soft¬ 
ware  engineering  and  diagnostics  expertise  necessary  to  ensure  full  avail¬ 
ability  of  Google  online  services.  Exp  incl:  Linux  or  Unix;  syst  eng'g;  sw 
dvlpmnt;  &  diagnostics&  perf  optimization  in  ntwrk  protocols,  real-time  syst, 
&  virtual  mach. 

SW  Eng  Positions  (Mountain  View,  CA):  Design,  develop,  modify,  and/or 
test  software  needed  for  various  Google  projects.  Exp.  incl: 

#1615.5169  oo  analysis  &  design;  Java;  Jscript;  HTML;  CSS;  Ajax;  HTTP; 
Python;  Android  dvlpmnt;  Closure  Library;  Soy  template;  &  Closure 
Stylesheets. 

#1615.4833  oo  program  using  C++,  Java  or  Python;  distrib  high  availabil¬ 
ity  syst;  &  operate  syst,  incl  UNIX,  Linux  or  Windows;  &  ntwrkng 
#1615.4838  program  skills  in  Object-C,  C++,  or  Java;  mobile  appl  dvlpmnt; 
oo  prog  analysis  &  design;  algorithms  &  data  struct;  Ul  frmwrks  on  mobile 
pltfrms,  MVC  appl  design  &  complex,  reactive  touch  based  Ul;  database  & 
object-relational  mapping  design,  analysis  &  implement;  &  client-server 
prog,  incl  API  design  &  implement. 

#1615.4635.1  dvlpmnt  of  sw  syst;  troubleshoot  &  maint  of  existing  syst; 
mgmnt  of  prod  lifecycle  f/requirements  to  user  adoption,  incl  requirements 
gathering,  translations  to  functional  specs,  &  design  creations;  &  implement 
syst  in  oo  lang  using  web  related  protocols  &  specs. 

#1615.4060  mach  learn  tasks;  data  analysis;  C++;  parallel  computation;  & 
data  struct. 

#1615.451  Java;  C  &  C++;  SQL;  appl  program  interface  design;  debug  & 
fix  large-scale  distrib  syst;  algorithms  &  data  struct;  multi-thread  syst  design 
&  implement;  database  syst;  oper  syst;  syst  security;  ntwrk  infrastruct;  test- 
write;  &  REST  syst. 

#1615.1457  embed  sw;  embed  controllers;  USB  architecture  &  hw;  power 
mgmnt  &  optimize;  &  driver  support,  optimize,  test  &  debug  x86  &  ARM  lap- 
top/mobile  pltfrms. 

#1615.2135  web  srvrs;  User-facing  interfaces;  C  &  C++;  Java  &  Jscript; 
multi-thread  program;  HTML5;  CSSS;  large-scale  distrib  compute;  algo¬ 
rithms;  natural  lang  process;  &  syst  design  &  optimization. 

#1615.739  C  &  C++;  Python;  Java;  shell  script;  stat  analysis;  adv  data 
struct  &  algorithms;  complexity  analysis  of  algorithms;  computational  data 
analysis  techniques;  &  adv  parallel  program  paradigms. _ 


Interested  candidates  send 
resume  to:  Google  Inc.,  PO 
Box  26184  San  Francisco,  CA 
94126  Attn:  Keeshia  Moultrie. 
Please  reference  job  #  below: 
Mechanical  Engineer  (Moun¬ 
tain  View,  CA)  #1615.599: 
Design  and  build  software, 
hardware,  computing  platforms 
and  networking  technolggies. 
Exp  incl:  thermal  design  & 
simulation;  thermal  design  of 
electronics;  product  design  & 
dvlpmnt  experience;  &  struc¬ 
tural  analysis  incl  modal,  ran¬ 
dom  vibration,  seismic  and 
fatigue  analysis  &  testing. 


Sr.  Software  Developer. 
Design,  develop  &  test  various 
applications  on  MS  Platforms: 
NET  Framework  v.  2.0-3.0+  w / 
C#  language  &  SharePoint. 
Knowledge  of  Lean  &  Agile 
Software  &  T-SQL,  B.S  in 
Comp.  Science/Eng.  or  related 
field  +  5  yrs  exp  req.  Resume 
to:  Access  Mediquip,  Attn:  HR 
255  Primera  Blvd..  #230,  Lake 
Mary,  FL  32746 


MAY  20,  2013 


COMPUTERWORID 


IT  careers 


Interested  candidates  send  resume  to:  Google  Inc.,  PO  Box  26184  San 
Francisco,  CA  94 126  Attn:  Keeshia  Moultrie.  Please  reference  job  #  below: 
Business  Systems  Integrator  (Mountain  View,  CA)  #1615.5802  Design 
analytical  solutions  that  answer  complex  business  decisions.  Exp  incl: 
implement,  configure,  customize  &  integration  of  3rd-party  sw  solutions: 
dvlpmnt  of  business  applications  end-to-end,  incl  front-end,  data  storage,  & 
application  integration:  Java  &  SQL:  UNIX  &/or  Linux;  Perl,  Shell,  Python,  or 
XML;  &  Oracle's  application  technology  stack. 

Network  Engineer  (Mountain  View,  CA)  #1615.656  Identify  technical  issues 
on  Google's  networks  and  determine  appropriate  short  term  and  long  term 
solutions  to  mitigate  service  impacts  caused  by  these  issues.  Exp  incl:  trou¬ 
bleshoot  &  support  Cisco  &/or  Juniper  routers  &  switches;  OSI,  TCP/IP, 
PPP,  VRRP,  HSRP,  Frame  Relay,  &  SNMP  protocols;  VLAN,  STP,  ARP, 
VTP,  WLAN,  ICMP,  &  ISDN;  ntwrk  routing  protocol  troubleshoot  in  BGP, 
OSPF,  IS-IS,  &  MPLS;  Unix  SJor  Linux  syst  admin;  &  shell  script  &  C  pro¬ 
gram. 

Technical  Account  Manager  (Mountain  View,  CA)  #1615.3899  Provide 
technical  support  for  Google's  strategic  partners  to  ensure  the  development 
and  launch  of  new  company  products.  Exp  incl:  internet  prod  &  architecture; 
XML,  HTML,  &  jscript;  UNIX  &/or  Linux;  syst  architectural  design;  C++, 
Java,  &/or  Python;  &  prog  mgmnt. 

Software  Engineer  in  Test  (Mountain  View,  CA)  #1615.3136  Design, 
develop,  modify,  and/or  test  software  needed  for  various  Google  projects. 
Exp  incl:  MapReduce;  compressed  &  high  perf  data  storage  syst; 
AppEngine;  Java;  jscript;  C++;  Python;  &  Unix  or  Linux. 

SW  Eng  Positions  (Mountain  View,  CA):  Design,  develop,  modify,  and/or 
test  software  needed  for  various  Google  projects.  Exp.  incl: 

#1615.2817:  stat  data  analysis;  backend  features;  design  solutions;  binary 
&  data  analysis;  &  writing  codes. 

#1615.4856  algorithm  design  &  implement;  design  &  implement  systems  in 
an  oo  lang;  C++  &  Java;  mach  learn  for  data  extraction;  &  natural  lang  proc¬ 
ess. 

#1615.4220:  C,  C++,  Python,  Java,  HTML,  &  SQL;  multithread  &  parallel 
program;  oo  dvlpmnt;  parallel  &  distrib  computing;  &  large-scale  data  proc¬ 
ess  info  extraction. 

#1615.1257:  design  &  analysis  of  computer  algorithms  &  data  struct;  mul¬ 
tithread  program;  C,  C++,  or  Java;  Python,  Perl,  Shell,  or  PHP;  &  UNIX  or 
Linux. 

#1615.4866:  optimization  algorithms  in  mid-level  optimization  &  backend 
code  generation;  perf  analysis  &  tuning;  adv  computer  architecture,  incl  x86 
&  ARM;  Linux  kernel  &  runtime  library;  C  &/or  C++Python;  &  syst  trouble¬ 
shoot  &  debug. 

#1615.3642  C++  or  C#;  Java;  Linux;  multithread  &  parallel  program;  oo 
dvlpmnt;  large-scale  distrib  syst  design  &  dvlpmnt;  &  distrib  storage  syst.  2 
of  the  following:  HTML,  XML,  Javascript,  or  SQL. 

#1615.3503  C++;  sw  syst;  distrib  syst;  &  data  struct  &  algorithms. 
#1615.3539  C,  C++,  Python;  Linux  program,  hw  program;  multi-thread  & 
multi-process  applications;  inter-thread  &  inter-process  communications; 
kernel  program;  ntwrk/socket  program;  device  driver  dvlpmnt;  Linux  shell 
program;  agile  sw  dvlpmnt;&  computer  ntwrkng. 

#1615.4351:  C,  C++  ,  Java,  or  Python;  algorithm  design,  data  struct,  & 
syst  design;  distrib  computing,  info  retrieval,  data  mining,  multithread,  or 
mach  learn;  sw  sys  design,  dvlpmnt,  deployment,  &  debug;  Unix  &/or  Linux; 
&  TCP/IP. 


Sogeti  USA  LLC,  an  IT 
Consulting  Co.  HQ  in  Dayton, 
OH,  currently  seeks  IT  profes¬ 
sionals  to  fill  Consultant  positions 
located  in  Dayton,  OH  and  client 
sites  throughout  the  U.S.  Specific 
skill  sets  needed  include: 

Web  (Microsoft,  .Net,  Sharepoint, 
Biztalk)  Application  Development 
-Job  ID  1830 

Web  (Java,  J2EE,  Websphere 
and  ecommerce  technology) 
Application  Development-  Job  ID 

1831 

Business  Intelligence  -  Job  ID 

1832 

Database  Services  -  Job  ID  1833 
CRM  Consultants  -  Job  ID  1834 
Infrastructure  Services  -  Job  ID 

1835 

Testing  &  QA  Services  -  Job  ID 

1836 

ERP  Consultants  -  Job  ID  1837 
PLM  Consultants  -  Job  ID  1838 
Business  Analysts  -  Job  ID  1839 
Project  Management  Services  - 
Job  ID  1840 

For  consideration,  apply  online  at 
http://www.us.sogeti.com/Career/ 
Jobs/  and  submit  resume  to  the 
relevant  job  title/id.  You  must 
have  authority  to  work  per¬ 
manently  in  the  U.S.  and  must  be 
willing  to  travel/relocate  Entry 
through  Sr.  level  positions  avail¬ 
able 


Sr.  Programmer  Analysts  :  Dvlp, 
and  write  comp  programs  to 
store,  locate,  &  retrieve  spec 
docs,  data,  &  info.  Dsgn,  dvlp  & 
implement  the  next  generation  IP 
platforms  using  tools  &  s/w  with 
back-end  databases  to  provide 
an  integrated  mngmt  sys. 
Convert  proj  specifications  & 
statements  of  prob  &  procedures 
to  detailed  logical  flow  charts  for 
coding  into  comp  language. 
Anlyz  user  needs  &  s/w  require¬ 
ments  to  determine  feasibility  of 
dsgn  within  time  &  cost  con¬ 
straints.  May  prog  website.  Using 
tools  T-SQL,  PL/SQL,  .Net,  SAP, 
Crystal  Reports,  SSAS.  Masters 
in  CS,  Engineering  (any), 
Science  (any)  w/6  months  of 
related  exp  is  reqd.  Bachelor  w/5 
yrs  of  exp  equivalent  to  Masters 
is  acceptable.  Mon  thru  Fri.  9:00 
a  m.  to  5:00  p  m.  Offers  standard 
employment  benefits.  Apply  w/2 
copies  of  res  to  TEJ  Solutions 
Inc.  5490  McGinnis  Village 
Place,  Ste  #  130  &  131. 
Alpharetta,  GA  30005. 


COMPUTERWORLD 

Law  Firms 
IT  Consultants 
Staffing  Agencies 


Are  you  frequently  placing 
legal  or  immigration  advertisements? 


Place  your  Labor  Certification  Ads  Here! 

Let  us  help  you  put  together  a 
cost-effective  program 
that  will  make  this 
time-consuming 
task  a  little  easier. 


Contact  us  at: 

800.762.2977 


careers 


42  COMPUTERWORLD  MAY  20.  2013 


HAL  MAYFORTH 


then  go  to  the  correct  company,  ABC, 
where  they  wanted  to  know  what 
took  him  so  long  to  get  there.” 


Ghost  in  the  Machine 

It’s  a  few  years  back,  and  at  this  county  jail  an  IT  pilot  fish  is  finishing  up  a  sup¬ 
port  call  when  he  notices  something  peculiar.  “The  camera  outside  the  sheriff’s 
dispatcher’s  office,  which  was  pointed  at  the  booking  sergeant’s  vacant  desk,  had 
a  white  Styrofoam  cup  stuck  over  the  lens,”  fish  says.  “I  asked  the  dispatcher  if  she 
could  see  the  booking  desk  OK.”  She  checks  her  bank  of  monitors  and  says  it  looks 
fine.  Let  me  see,  says  fish  -  and  sure  enough,  on  the  bank  of  monochrome  moni¬ 
tors  he  can  see  the  fuzzy  image  of  a  figure  in  the  chair.  But  fish  knows  there’s  no 
one  in  the  chair.  He  removes  the  cup.  The  image  is  about  the  same.  “We  discovered 
that  a  static  image  had  been  burned  into  every  one  of  her  monitors,”  says  fish. 


“The  image  of  the  booking  sergeant 
we  saw  was  a  composite  of  all  the 
sergeants  who  sat  in  that  desk  for 
the  past  three  years.  All  the  monitors 
had  to  be  replaced  and  put  on  a  rota¬ 
tion  schedule.  No  one  told  the  prison¬ 
ers  anything  about  it.  We  hope." 

Oops! 

Service  tech  gets  a  late-evening  call 
to  fix  something  at  a  customer’s  of¬ 
fice,  but  when  he  arrives  he  finds  ev¬ 
erything  has  been  shut  down  for  the 
night.  “He  had  the  night  watchman 
open  the  data  center  and  power  up 


all  the  machines,”  reports  a  pilot  fish 
in  the  know.  “Sure  enough,  he  found 
that  one  of  the  machines  wasn’t 
working.  He  repaired  it,  and  since  it 
wasn’t  on  maintenance  he  wrote  up 
a  bill  and  left  it  on  the  supervisor’s 
desk.  When  going  to  dinner  later  with 
the  other  techs,  someone  asked  him 
what  the  problem  was  at  ABC  Inc. 

He  said  he  didn’t  know,  because  he 
had  just  fixed  a  problem  at  ABZ  Corp. 
Checking  with  dispatch,  he  realized 
he  went  to  the  wrong  company.  He 
had  to  go  back  to  ABZ,  wake  up  the 
night  watchman,  destroy  the  bill  and 


Probably  Not 

User  calls  this  pilot  fish  with  a  fairly 
standard  complaint:  Her  computer 
just  died.  “I  ask  her  if  her  monitor 
is  on  and  explain  that  she  needs  to 
look  for  the  green  ‘on’  light,”  says 
fish.  “She  tells  me  that  she  doesn’t 
see  any  light.  I  ask  her  to  check  to 
see  if  the  computer  is  on  -  another 
green  light,  on  the  box  where  the 
CD  is  inserted.  She  doesn’t  see  any 
lights  there  either.  She  then  tells  me 
that  in  the  cubicle  next  to  her  the 
computer  also  died.  She  says  nothing 
is  working  in  the  cubicles.  I  tell  her 
that  she  needs  to  contact  the  facili¬ 
ties  department  to  get  the  power 
turned  back  on  to  the  cubicles.  She 
agrees  to  do  that.  Then  she  asks  if 
I  can  get  her  computer  going  until 
facilities  arrives.” 


»  Get  Sharky  going  with  a  true 
tale  of  IT  life.  Send  it  to  me  at  sharky® 
computerworld.com.  You’ll  get  a 
stylish  Shark  shirt  if  I  use  it. 


Q  CHECK  OUT  Sharky’s  blog,  browse  the  Sharkives  and  sign  up  for  home  delivery  at  computerworld.com/sharky. 


ADVERTISERS  INDEX 

This  index  is  provided  as  an 
additional  service.  The  publisher 
does  not  assume  any  liability  for 
errors  or  omissions. 

APC  by  Schneider  Electric  . .  11 

schneider-electric.com 

BlackBerry  . 9 

blackberry.com/business 

Brocade . 13 

brocade.com/easy 

CenturyLink  . 5 

centurylink.com/link 

dtSearch  . 39 

dtsearch.com 

Hewlett-Packard . 7 

hp.com/servers/proliantmp5 

IBM  Intel . C2 

ibm.com/systems/moreforless 

InterSystems . 3 

intersystems.com/ideal5a 

Microsoft . C4 

microsoft.com/ws2012 

TEKsystems  . 29 

teksystems.com/mobility 

UL  Environment . 27 

ul.com/environment 

Verizon  Wireless  .  19, 21-24 
verizon.com/mobileworkforce 

VMware . 15,31 

vmware.sddc 


#BPA 

■  A  I  I  I  tt  I  A  I  ■ 


Periodical 
postage 
"  ’’  paid  at 
Framingham,  Mass.,  and 
other  mailing  offices.  Posted 
under  Canadian  International 
Publication  agreement 


PM40063731.  CANADIAN 
POSTMASTER:  Please  return 
undeliverable  copy  to  PO  Box 
1632,  Windsor,  Ontario  N9A 
7C9.  Computerworld  (ISSN 
0010-4841)  is  published 
twice  monthly  except 
for  the  month  of  July  by 
Computerworld  Inc.,  492 
Old  Connecticut  Path,  Box 
9171,  Framingham,  Mass. 
01701-9171.  Copyright 
2011  by  Computerworld 
Inc.  All  rights  reserved. 
Computerworld  can  be 
purchased  on  microfilm 
and  microfiche  through 
University  Microfilms 
Inc.,  300  N.  Zeeb  Road, 

Ann  Arbor,  Mich.  48106. 
Computerworld  is  indexed. 
Back  issues,  if  available, 
may  be  purchased  from  the 
circulation  department. 
Photocopy  rights:  permission 
to  photocopy  for  internal 
or  personal  use  is  granted 
by  Computerworld  Inc. 
for  libraries  and  other 
users  registered  with  the 
Copyright  Clearance  Center 
(CCC),  provided  that  the 
base  fee  of  $3  per  copy  of 
the  article,  plus  50  cents 
per  page,  is  paid  directly  to 
Copyright  Clearance  Center, 
27  Congress  St.,  Salem, 

Mass.  01970.  Reprints 
(minimum  500  copies)  and 
permission  to  reprint  may 
be  purchased  from  The  YGS 
Group,  (800)  290-5460,  Ext. 
100.  Email:  computerworld® 
theygsgroup.com.  Requests 
for  missing  issues  will  be 
honored  only  if  received 
within  60  days  of  issue  date. 
Subscription  rates:  $5  per 
copy:  Annual  subscription 
rates:  -  $129;  Canada  - 
$129;  Central  &  So.  America 
-  $250;  Europe  -  $295; 
all  other  countries  -  $295; 
digital  subscription 
$29.  Subscriptions  call 
toll-free  (888)  559-7327. 
POSTMASTER:  Send  For  m 
3579  (change  of  Address) 
to  Computerworld  PO 
Box  3500,  Northbrook.  111. 


60065-3500. 


COMPUTERWORLD.COM  43 


—  OPINION 


PAUL  GLEN 


Keeping  Processes  Vital 


As  long  as 
a  problem 
seems  present, 
gnarly  and 
intractable,  we 
enjoy  following 
the  process 
that  solves  it. 


Paul  Glen,  CEO  of 

Leading  Geeks,  is 
devoted  to  clarifying 
the  murky  world  of 
human  emotion  for 
people  who  gravitate 
toward  concrete 
thinking.  His  newest 
book  is  8  Steps  to 
Restoring  Client  Trust: 
A  Professional’s  Guide 
to  Managing  Client 
Conflict.  You  can 
contact  him  at  info® 
leadinggeeks.com. 


PROCESSES  SEEM  TO  COME  AND  GO.  Too  often,  though,  they  wither 
away  from  disuse  when  they  still  have  value.  How  can  we  ensure 
that  our  staffs  remain  engaged  with  worthwhile  processes? 

Consider  the  life  cycle  of  the  typical  process.  It  usually  is  created 


as  a  response  to  some  organizational  trauma,  like 
a  major  project  failure.  For  a  while,  everyone  em¬ 
braces  it,  testing,  tweaking,  celebrating  successes 
and  mitigating  inconveniences.  But  eventually, 
enthusiasm  wanes.  Urgent  needs  come  up,  and 
people  decide  that,  just  this  once,  a  shortcut  is 
justified.  The  decay  begins.  Before  you  know  it, 
the  process  is  forgotten,  a  new  trauma  occurs,  and 
the  cycle  starts  again. 

Each  time  it  happens,  we  feel  terrible.  But  when 
we  better  understand  why  we  let  this  happen  — 
how  much  human  nature  has  to  do  with  it  —  we 
can  interrupt  the  cycle. 

Human  motivation  isn’t  all  that  mysterious.  We 
tend  to  focus  our  attention  on  what  feels  good. 
And  for  us  as  geeks,  solving  problems  feels  really 
good.  We  love  to  roll  up  our  sleeves  and  analyze 
problems,  and  we  glory  in  the  thrill  of  solving 
them.  So  a  new  process  feels  good  because  we’re 
solving  a  problem:  “Why  did  the  project  fail,  and 
what  can  we  do  about  it?”  As  long  as  the  problem 
seems  present,  gnarly  and  intractable,  we  enjoy 
following  the  process.  But  once  a  problem  has 
been  solved,  it’s  not  so  interesting  to  us  anymore. 

Eventually,  we  follow  the  process  because  we 
are  obliged  to.  We  start  to  think  of  it  as  rules  to 
follow  rather  than  a  solution  to  our  problems.  Our 
inner  schoolchild  starts  to  rebel.  Some  of  us  might 
start  to  unconsciously  solve  a  new  problem:  “What 
is  the  minimum  process  that  I  can  follow  and  still 
deliver  an  acceptable  outcome?”  Others  get  caught 
up  in  the  more  immediate  rewards  of  short-term 
problem-solving.  Solving  an  urgent  problem  is 
more  rewarding  than  following  a  process  because 


the  joy  of  its  solution  comes  immediately.  When 
following  a  process  feels  bad  and  avoiding  it  feels 
good,  it’s  no  wonder  things  unravel  quickly. 

If  you  want  to  keep  off  the  process  merry-go- 
round,  you’ll  need  to  fundamentally  change  how 
you  as  a  leader  think  and  feel  about  the  rewards 
of  following  processes.  You’ve  got  to  give  the  team 
something  lasting  to  care  about.  The  key  to  that  is 
at  the  very  beginning  of  developing  a  process.  In 
short,  create  processes  that  achieve  a  vision,  not 
ones  that  just  solve  a  problem. 

A  process  has  to  speak  to  something  bigger 
than  the  last  problem  you  encountered,  so  that 
adherence  to  it  lasts  longer  than  the  removal 
of  symptoms.  The  joys  of  achieving  a  vision 
are  somewhat  different  from  those  of  solving  a 
problem.  Problems  give  way  to  forgetfulness  when 
their  noxious  symptoms  have  been  removed.  A 
vision  is  more  long  lasting. 

You  might  liken  it  to  marriage.  Most  people  get 
married  not  to  solve  a  problem  but  in  pursuit  of  a 
vision  of  sharing  a  life  together,  perhaps  starting 
a  family.  If  you  get  married  to  solve  a  problem 
rather  than  to  pursue  a  vision  —  because  it’s 
the  easiest  way  to  obtain  wealth,  say,  or  because 
you  want  your  child  to  have  married  parents,  or 
because  your  visa  is  about  to  expire  and  you  don’t 
want  to  leave  the  country  —  the  chances  are  the 
marriage  won’t  last.  The  same  is  true  of  processes. 

Whenever  you  talk  to  your  group  about  a 
process,  focus  on  the  first  principles  of  your 
vision.  As  people  come  to  recognize  the  role  of  the 
process  in  achieving  that  vision,  it  will  become 
self-sustaining.  ♦ 


44  COMPUTERWORLD  MAY  20.  2013 


Proven  IT  Leadership  Development 
Designed  and  Led  by  Future-State  CIOs 


»  Chart  your  own  path  based  on  career  aspirations  and  goals 
»  Identify  opportunities  across  known  IT  competencies 
»  Learn  from  high-profile,  experienced  CIO  mentors 
»  Tailor  participation  within  three  areas  of  professional  development 
»  Utilize  Boston  University  and  Harvard  Business  Publishing  courseware 


Pathways:  Start  Your  Journey  Today 

Visit:  council.cio.com/pathways 
Call:  +1  508.766.5696 
Email:  cec  info@cio.com 


Powered  by 


CIO  Executive  Council 

Leaders  Shaping  the  Future  of  Business 


THE 

FUTURE-*  . 
STATE  CtO 


SERVER  DOWNTIME  ELIMINATED. 
I.T.  INNOVATION  ENHANCED. 

EQUIFAX  SEES  THE  POWER 
OF  WINDOWS  SERVER  2012. 

Businesses  arid  financial  institutions  around  the  world  rely  on 
Equifax  for  fast  access  to  employment  data  in  over  220  million 
records.  So  eliminating  server  downtime  is  a  top  priority.  At 
the  same  time,  developing  new  products  is  how  the  business 
fuels  growth. 

To  streamline  server  cluster  updating,  Equifax  upgraded  to 
Windows  Server  2012.  By  eliminating  the  downtime  associated 
with  security  updates,  the  IT  team  can  spend  less  time  doing 
routine  maintenance,  and  more  time  focusing  on  innovative 
new  ideas. 


Read  more  about  Equifax's  success  and  see  what  you  can  do 
with  Windows  Server  2012. 


|  Windows  Server  2012 


BUILT  FROM  THE  CLOUD  UP. 


